abO salOm

There was a big debate in our company for the last one year about the DNS behavior, and the DNS is not stable and so on. One of the interesting subject we were debating about is the request time out, the DNS does not reply on time, and the DNS client on the modem router does not forward the request to the ISP DNS bla bla bla. This is of course does not make any sense neither from CPE side nor from ISPside. We did a small exercise just to show the folk who wrong they are.
The symptom was that the DNS reply with “DNS request time out” in the first two trials:

We took the pcap file from Wireshark, and we notice the following:

1. Request the A record (DNS record for IPv4) attaching the domain name
2. Request the AAAA record (DNS record for IPv6) attaching the domain name as well
3. Request the A record without attaching the domain name
4. Request the AAAA record without attaching the domain name

This is very interesting outputs, and explain why the first two requests fail. Here is the conclusion:

1. When Windows sends a DNS request, it will always attach the domain name (or so called DNS suffix). This is helpful in the big enterprise corporates where they have a local Windows DNS, and they want to use it as a recursive DNS for all DNS requests. Of course, when you use a DNS other than the corporate DNS, it will fail as there is no domain called www.yahoo.com.domain.com !
2. Then Windows will try to request the AAAA record (if the IPv6 stack enabled), and it will attach the domain name. This request will fail as well.
3. In the third request Windows will try A record without the domain name (www.yahoo.com), and in this case the ISP DNS will recognize the domain and it will reply with the correct resolution information.

This explains why the first two requests failed, and any machine with a domain name configured will face the same issue.

http://serverfault.com/questions/74067/windows-appending-domain-suffix-to-all-lookups