Quick Tips #1: nslookup default behaviour during failover of Primary DNS

Primarily as a way to force myself to keep this blog updated, I’m going to throw up some quick tips as I come across them. A new series imaginatively entitled “Quick Tips”…

While doing some fail-over testing I noticed a behaviour of nslookup that I hadn’t twigged before. It’s the kind of thing that might catch you out in the heat of an actual fail-over situation, and lead you to chase your own tail believing you have a DNS resolution issue.

Lab environment has a PC on 10.2.2.101, with DHCP assigning 10.1.1.11 and 10.1.1.12 as primary and secondary DNS servers respectively.

With the primary DNS server down, you might be inclined to do a quick nslookup to confirm you can still resolve DNS to your secondary server, but the basic command will fail:

The clue is in the address being queried in the readout; 10.1.1.11, our primary DNS server. Windows nslookup will always use the primary DNS server for a basic nslookup, even if actual DNS queries are successfully being directed to the secondary DNS.

We can prove this with a simple ping, and further by specifying the secondary DNS as our target DNS server in the nslookup command:

So all is well!

Leave a Reply

Your email address will not be published. Required fields are marked *