It’s obvious when I think about it, but easy to forget I guess. If you use nslookup (on Windows) to resolve a name, and if the first name server in your list of servers is down, nslookup doesn’t automatically query the next one in the list. Instead it just returns an error.

    nslookup [-opt ...]             # interactive mode using default server
    nslookup [-opt ...] - server    # interactive mode using 'server'
    nslookup [-opt ...] host        # just look up 'host' using default server
    nslookup [-opt ...] host server # just look up 'host' using 'server'

Notice how it says default server. That’s it. Just the first server in the list, and if that’s down then the rest aren’t queried. If you want to query the rest, you have to explicitly pass the server name to
As a result of this, nslookup could report a name as non-resolvable while other commands such as ping work just fine. That is because they use the in-built resolver, which queries the other servers in the list if the first one is down.
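
To check each configured server rather than only the default one, the sketch below queries every DNS server in the list explicitly and reports which ones answer. It is an added example, not part of the original post; it assumes a Windows version with the DnsClient module (Get-DnsClientServerAddress, Resolve-DnsName), IPv4 servers only, and uses example.com as a placeholder name.

```powershell
# Added example: ask every configured DNS server for the same name,
# one server at a time, instead of relying on the default (first) server.
param(
    [string]$Name = 'example.com'   # placeholder; pass the name you are troubleshooting
)

# Gather the IPv4 DNS servers from all interfaces, in listed order, without duplicates.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object { $_.ServerAddresses } |
    Select-Object -Unique

foreach ($server in $servers) {
    try {
        # -Server     : query this server only, no fallback to the others
        # -DnsOnly    : plain DNS, no LLMNR or NetBIOS name resolution
        # -QuickTimeout: give up sooner on a server that is down
        $answer = Resolve-DnsName -Name $Name -Type A -Server $server `
            -DnsOnly -QuickTimeout -ErrorAction Stop

        # Keep only the A records (a CNAME chain may precede them).
        $ips = ($answer | Where-Object { $_.Type -eq 'A' } |
            ForEach-Object { $_.IPAddress }) -join ', '

        [pscustomobject]@{ Server = $server; Status = 'OK'; Result = $ips }
    }
    catch {
        # Timeout, refusal or NXDOMAIN: record the error for this server and move on.
        [pscustomobject]@{ Server = $server; Status = 'FAILED'; Result = $_.Exception.Message }
    }
}
```

A server that shows FAILED at the top of the list while later ones show OK matches the situation described above: nslookup errors out, ping still resolves.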
Also, just coz it’s good to know: once the in-built resolver finds a DNS server as not responding, it doesn’t query it again for the next 15 mins. So if you have two DNS servers – ns1 and ns2 – and ns1 is currently down, the in-built resolver won’t waste time trying to query ns1, rather it will straight away go to ns2. Every 15 mins this is reset and so after that ns1 will be tried again.