Attend the www.COREITPROS.com conference with Laura Chappell, Mike Pennachi, Tony Fortunato August 22 - 26, 2022
In my classes, workshops and presentations I would explain that you are behind the 8 ball if you follow the old adage” If it ain’t broke, don’t fix it”. This is mainly because network equipment, protocols, clients, and applications are fairly dynamic and can quickly recover from many of the most common issues.
This is precisely why I am such a big fan of baselining and investigating how things work.
In this example, I was asked what would happen if your primary DNS server entry on a Windows client was not reachable. They said after some research, they found a lot of contradicting information and thought they would ask me. The main question they wanted to be answered was “Does the client continue to try and use the primary DNS address when it is not reachable?”
I explained that it would be much easier to perform packet capture and see for yourself. I warned them that you have to take a lot of what you find online with a grain of salt since there might be changes to the protocol behavior with every update as well as how various applications might impact your operating system behavior.
In this video, I simply started Wireshark and used a “port 53” capture filter while I surfed and then left the browser on Facebook since it will constantly be chatting in the background. It is important to understand the goal of the exercise. All I wanted to do was to confirm if this Microsoft Windows 10 client continues to try and use the primary DNS server IP address even though it is not reachable. I’m sure you can see the temptation to add more questions like “what if you ran a script to clear your DNS cache?”, “what if you just ran a nslookup” and of course” does the client notice any delays when the computer tries this unreachable address.
Check it out.
Tony Fortunato