Windows客戶端DNS工作原理
誤區一,配置1個內網DNS,1個外網DNS。解析內網的時候用內網DNS,解析外網的時候用外網。
電腦怎麽知道哪個是內網?哪個是外網?我們內部的DNS服務器裏就有10+個DNS區域。
誤區二,第一個DNS服務器解析不到的地址,會繼續找第二個DNS服務器查詢。
話分兩說,超時了查不到會找第二個DNS服務器的。但是返回確定結果查無此人的話,是不會繼續查詢的。需要註意,查不到也是查詢結果。
誤區三,服務器上同一個DNS區域中,有些域名解析成內部,剩余的想解析成外部地址,我就不填了。查不到會自動向公網轉發
此誤區是沒有理解DNS解析原理造成的。權威DNS服務器查不到了,它是不會像任何其他DNS服務器再查詢的。
誤區四,每次查詢都會從網卡屬性中的第一個DNS服務器開始查。
此誤區和通常第一個誤區一起結合。以為先配置內網DNS服務器,就能確保內網地址都能解析了。但是誰也沒法保證內網查詢永遠不會出現超時。當內網服務器出現超時無返回結果,它在客戶端DNS列表中的查詢順序會降低。以後再查詢的時候就不會先查它了。所以,你填的DNS列表中的順序並沒有太大意義,運行了一段時間後,他們的順序也會變得不同。
Important note: the DNS servers list is kept in memory by the dnscache service. The next best server is determined based on a priority. All the servers start with the same priority and they are sorted for each adapter based on the precedence in which they were configured. Each time a server times-out its priority is reduced and when a server answers its priority is boosted (error conditions also modify the priority of a server). The next best server for an adapter is the one with the higher priority that is higher in the precedence list (if more than one server have the same priority then the next best is the one that is higher in the precedence list).
https://blogs.technet.microsoft.com/stdqry/2011/12/14/dns-clients-and-timeouts-part-2/
If at any point the resolver receives a negative response from a server, it removes every server on that adapter from consideration during this search. For example, if in step 2, the first server on Alternate Adapter A gave a negative response, the resolver would not send the query to any other server on the list for Alternate Adapter A.
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc961411(v=technet.10)
Windows客戶端DNS工作原理