Odd name resolution behavior

J

JDavis

I have a Vista Home Premium system that I am attempting to configure to use
a single-label (unqualified) DNS domain. The network has a DNS server. On
my XP systems, I simply put a single "." (period) in the "Append these DNS
suffixes (in order)" in the "Advanced TCP/IP settings" dialog, and this
works consistently. This allows me to resolve single-label names without a
trailing period, as in "ping hostname".

I gave my Vista system a similar configuration. The strange thing is, when
I "ping hostname" the first time, it resolves the name. Subsequent attempts
fail. If I flush the DNS cache (ipconfig /flushdns) it will work again -
once. Also, if I allow the cache to time out, it will also work again one
time. Another oddity is that when I display the DNS cache entries I do not
see the entry for "hostname".

Digging a little bit further, I sniffed the network traffic. On the initial
name resolution attempt, I see a standard query for an "A" record followed
by the server response, as I would expect. On subsequent attempts, I see 2
IPv4 LLMNR and 2IPv6 LLMNR probes, followed by 3 NBNS broadcast requests.
There is no DNS query.

Is this a bug? I would expect that after the initial attempt that Vista
would use the cached DNS info to perform the resolution, but this does not
appear to be the case. Any ideas?

Thanks,
-Jeff
 
R

Robert L [MVP - Networking]

Try to disable IPv6. Also this post may help,

Vista & Domain IssuesVista Can't join domain because single-label DNS .... It is not recommended to use Single-label DNS name as domain name. In this case, you may enable WINS so ...
www.chicagotech.net/vista/vista&domain.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I have a Vista Home Premium system that I am attempting to configure to use
a single-label (unqualified) DNS domain. The network has a DNS server. On
my XP systems, I simply put a single "." (period) in the "Append these DNS
suffixes (in order)" in the "Advanced TCP/IP settings" dialog, and this
works consistently. This allows me to resolve single-label names without a
trailing period, as in "ping hostname".

I gave my Vista system a similar configuration. The strange thing is, when
I "ping hostname" the first time, it resolves the name. Subsequent attempts
fail. If I flush the DNS cache (ipconfig /flushdns) it will work again -
once. Also, if I allow the cache to time out, it will also work again one
time. Another oddity is that when I display the DNS cache entries I do not
see the entry for "hostname".

Digging a little bit further, I sniffed the network traffic. On the initial
name resolution attempt, I see a standard query for an "A" record followed
by the server response, as I would expect. On subsequent attempts, I see 2
IPv4 LLMNR and 2IPv6 LLMNR probes, followed by 3 NBNS broadcast requests.
There is no DNS query.

Is this a bug? I would expect that after the initial attempt that Vista
would use the cached DNS info to perform the resolution, but this does not
appear to be the case. Any ideas?

Thanks,
-Jeff
 
J

JDavis

Thanks fpr the response Robert. I am not doing anything with Windows
domains, just trying to get name resolution to work properly. Though I want
to do some experimentation with it later, I disabled IPv6 just to see if it
had any effect. It didn't, other than of course I no longer saw the 2 IPv6
LLMNR frames on the wire.

I suppose that the easiest thing to do would be to introduce a DNS domain
such as "local" into the mix. However, I am trying to understand this
behavior in Vista.

- Why doesn't Vista resolve the name from the local DNS cache after it is
initially resolved?
- Why doesn't the hostname appear in the "ipconfig /displaydns" output after
it is initially resolved? (see comments below)
- If the name isn't in the cache, why does flushing it have any effect
whatsoever?

If I disable client side DNS caching (net stop dnscache), the name resolves
every time.

It is interesting to note that in XP also the resolved name does not appear
in the cache. Rather, the XP client queries the name server every time.
For a name server, I am using dnsmasq on a DD-WRT router. It doesn't appear
that this is returning an authoritative response. I just notice that the
TTL on the inital nameserver response is 0, so that would explain why the
entry is not placed into the cache. It does NOT explain why resolution
fails after the initial attempt nor why flushing the cache makes the name
resolve again. It would appear to me that there is a flaw in the resolver
caching logic somewhere along the way.

-Jeff
 
J

JDavis

More info. I found a dnsmasq option that allows me to specify the TTL in
DNS replies. If set to anything other than 0 (even 1 second), the problem
goes away.
 
R

Robert L [MVP - Networking]

Thank you for the update.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
More info. I found a dnsmasq option that allows me to specify the TTL in
DNS replies. If set to anything other than 0 (even 1 second), the problem
goes away.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DNS name resolution in .Net 2
Newbie in over my head? 4
DNS error/warning 1
XP Slow name resolution 1
Changing DNS name from single to with domain name, event id 414 2
The DNS server machine currently has no DNS domain name 1
XP slow name resolution 1
Name server error issue 3

Top