Description of DNS Client Name Resolution in Windows 2000

ID: Q217769

The information in this article applies to:
  • Microsoft Windows 2000 Server

SUMMARY

Name resolution describes the act of mapping a name to an IP address or vice-versa. For example purposes, this section focuses on mapping a name to an IP address, but the same could apply for mapping IP addresses to names. The resolver can submit four possible names in a query:

  • Null: The name specified is null or empty.
  • Fully Qualified: The name specified terminates with a dot.
  • Unqualified Single-Label: The name specified does not contain dots.
  • Unqualified Multi-Label: The name specified contains dots, but does not terminate with a dot.
Each adapter can be configured with multiple DNS servers. The configured servers are referred to as the "list of servers" or just the "list." The resolver sends queries to the first configured DNS server for the given adapter. If there is no response from that server, the resolver sends the query to next server configured for that adapter. When the resolver does not receive a response from a DNS server, it puts the next server in the list at the top of the list and send queries to that server. If a server in the list responds with either a positive or a negative response, the resolver does not send the query to any other servers in the list.


MORE INFORMATION

Null Query

Example: "ping localhost"

The resolver interprets queries with null names as information requested for the local host. The local host resolves these types of queries itself without sending them to the DNS server.

Fully Qualified Query

Example: "ping hostb.microsoft.com."

A Fully Qualified name is simply a domain name appended to the host name and completed with a trailing dot. The sequence for name resolution is as follows:
  1. The resolver sends the query to the preferred adapter's (configured using the binding order) DNS server.
  2. If there is no positive response after one second, the resolver sends the query to all adapters configured with DNS servers.
  3. If at any time the resolver receives a positive response from a DNS server, the query is a success and the results are returned to the caller.
  4. If a negative response is received from a server in the list, that list is removed from the query.
  5. If a server on every adapter list returns a negative response, the resolver returns a negative response to the caller.
  6. If there are server lists that have not responded, the resolver sends the query to all remaining servers on all server lists still in consideration.
  7. If there are still server lists that have not responded, a timeout is returned to the client that originated the query.

Unqualified Single-Label Query

Example: "ping hostb"

A name without periods (or dots) identifies the Unqualified Single-Label query. To have a Fully Qualified domain name, a suffix must be added to the host name in the query.

There are two sources of domain suffixes, but only one is used at any one time. If entries in the global suffix search order are present, the default domain names are not used. Microsoft defines the two default domain names as:
  • The Primary DNS Domain Name: Specifies the computer's domain membership.
  • The Adapter DNS Domain Name: Specifies the domain name configured per adapter.
The global suffix search order is configured in TCP/IP properties, on the DNS Client tab in the Advanced settings. Click "Search these DNS Domains (in order)."

Default Domain Names

If the global suffix search order is blank, the resolver appends suffixes to a host name in the following order:
  1. The primary DNS domain name is appended and sent as a Fully Qualified query.
  2. If a positive result or timeout occurs, the resolver sends the results to the client program.
  3. If a negative result occurs, the adapter DNS domain name is appended using the domain from the adapter listed first in the binding order (the preferred adapter) and sent as a Fully Qualified query.
  4. This continues until a positive result is returned, a timeout occurs, or all the adapter DNS domain names have been exhausted.
  5. If all the adapter DNS domain names have returned negative results, the primary DNS domain's parent is used. If a negative result is returned, the parent of the parent domain is used, and so on until a positive name is returned, a timeout occurs, or all the parent domains have been exhausted.
Using "dns.microsoft.com" for example, the query in step 1 is for the name "hostb.dns.microsoft.com." After exhausting the adapter DNS domain names, the parent of dns.microsoft.com is used, as in step 5 above. The name in the query becomes "hostb.microsoft.com." If that query returns negative results, the next name in the query is "hostb.com" and so on until all parent domains are exhausted.

This process is known as devolution and is configurable in TCP/IP properties, on the DNS Client tab in the Advanced settings. Click "Search the above DNS Domain and its parent domains."

Global Suffix Search

If the global suffix search order has been configured, the suffix is appended to the host name as follows:
  1. The first suffix in the search order is appended and sent as a Fully Qualified query.
  2. If a positive result or timeout occurs, it is sent to the client.
  3. If a negative response is returned, the next suffix is appended and sent as a Fully Qualified query.
  4. This continues until a positive result is returned, a timeout occurs, or all the configured suffixes have been exhausted.
  5. If all configured suffixes return a negative response, a negative response is returned to the client.

Unqualified Multi-Label Query

Example: "ping hostb.microsoft"

With the Unqualified Multi-Label query a name may or may not be a Fully Qualified Domain Name and does not include a trailing dot. The sequence for name resolution is as follows:
  1. The query is submitted as a Fully Qualified query.
  2. If a positive result or timeout occurs, it is sent to the client.
  3. If there is a negative result, the query is submitted as an Unqualified Single Label query and follows the name resolution of that query.
Windows 2000 clients receiving responses to queries cache the information for the time specified by the TTL. Clients have the ability to cache both positive and negative responses returned from the DNS server. The client cache can be cleared using the "ipconfig /flushDNS" command.

Additional query words: fqdn

Keywords : kbnetwork ntdomain
Version : WINDOWS:2000
Platform : WINDOWS
Issue type : kbinfo


Last Reviewed: December 29, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.