Why is this computer using secondary dns server instead of primary?

1285 pts.
Tags:
DNS
DNS server
Microsoft Windows XP
OpenDNS
I have a company that is using OpenDNS to filter ceartain web sites. The way I beleive it works is you set the workstations to use a OpenDNS servers. If you no longer wish for them to use OpenDNS filtering, then you use a different DNS server, such as 4.2.2.1.
Our domain controller has forwarders setup with only OpenDNS servers. So if I set a computer's primary dns server to 4.2.2.1 with no secondary server, then OpenDNS does not effect this computer. If i set the primary dns server to 4.2.2.1, and the secondary dns server to 192.168.1.200 (our DC, this way all internet traffic will use the primary dns server, and local stuff will fall back to the secondary dns server), then OpenDNS blocks stuff. This means that it's not using the primary dns server. Does anybody know why this is?


Software/Hardware used:
XP, Opendns

Answer Wiki

Thanks. We'll let you know when a new response is added.

Specific to your question, I believe 4.2.2.1 is OpenDNS as well. You can try 8.8.8.8 which is Google’s public DNS to see how it works.

Beyond answering the actual question of why would that be, a better practice for this is to have your clients pointing to your internal DNS server which will use a forwarder to 4.2.2.2 or 8.8.8.8 whichever you choose. It prevents you having to manually set all of them plus you probably don’t want them to bypass the OpenDNS block.

For specific workstations that do need to work around the blocks, use 8.8.8.8 and yours as the secondary. You may need to run flushdns to have it work properly.

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Ingram87
    My clients are pointing to the internal dns server, and there are forwarders setup on it using OpenDNS servers. That part works fine for everybody. The problem is for the people one workstation that shouldn't be using OpenDNS. 4.2.2.1 is not an OpenDNS server, it is a Verizon DNS server. And as I already said, If i set the workstations primary dns server to 4.2.2.1, OpenDNS does not effect it, but then I can not resolve names on the local network. So I set my internal DNS server (192.168.1.200) as the secondary dns server. With this setup, all internet names should be resolved by the primary dns server (4.2.2.1), and internal names would fail, then go to the secondary dns server (192.168.1.200). However, it's not doing this. When it's set like that, OpenDNS still blocks stuff, which means that the internet names aren't being resolved by the primary dns server, they are being resolved by the secondary dns server. I can't figure out why this is happening.
    1,285 pointsBadges:
    report
  • KFaganJr
    If you haven't already, I would try to set the DNS settings under the advanced TCP/IP settings instead of setting a primary and secondary in basic options. You may be getting to the secondary simply because it's less hops, where setting the DNS servers in order of use under advanced should only use the next server on the list if the first is unavailable or unable to resolve the request.
    1,355 pointsBadges:
    report
  • Koohiisan
    FYI, 4.2.2.x addresses are not related to OpenDNS. (see http://www.handcoding.com/archives/2005/04/15/alternate-dns-servers/)
    5,020 pointsBadges:
    report
  • Subhendu Sen
    Secondary dns servers are there mostly as backup for the primary, since most function on the Internet is so dependent on these servers being available. In most cases, it is not a good idea to have both a web server and a dns server on the same computer.
    28,890 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following