Azure – All DNS queries to AD DNS server suffixed with xxxxx.cloudapp.net

azure cloud domain-name-system nslookup windows-server-2012-r2

I configured an Azure VM with Windows 2012 R2 and the DNS Server role installed. I have another VM in the same VNet and I am using nslookup to query the DNS server.

Every time I query any domain name on this DNS server specifically, it times out the first two tries and then resolves successfully. The reason is that it's appending the query with a long cloudapp.net domain.

For example, I set the d2 option on nslookup and queried cnn.com:

> cnn.com
Server:  [10.51.5.4]
Address:  10.51.5.4

------------
SendRequest(), len 77
    HEADER:
        opcode = QUERY, id = 19, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        cnn.com.g2dibntere1erjhcdrrozsaeod.bx.internal.cloudapp.net, type = A, class = IN

------------
DNS request timed out.
    timeout was 2 seconds.
timeout (2 secs)
SendRequest failed

How can I disable this behavior?

Update
I found the suffixed domain in ipconfig results:

C:\Users\admin>ipconfig

Windows IP Configuration


Ethernet adapter Ethernet 3:

   Connection-specific DNS Suffix  . : g2dibntere1erjhcdrrozsaeod.bx.internal.cl
oudapp.net
   Link-local IPv6 Address . . . . . : fe80::a90f:bb70:be04:ef2c%16
   IPv4 Address. . . . . . . . . . . : 10.51.10.4
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.51.10.1

Tunnel adapter isatap.g2dibntere1erjhcdrrozsaeod.bx.internal.cloudapp.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : g2dibntere1erjhcdrrozsaeod.bx.internal.cl
oudapp.net

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1c9f:fbe8:d78d:f134
   Link-local IPv6 Address . . . . . : fe80::1c9f:fbe8:d78d:f134%14
   Default Gateway . . . . . . . . . : ::

So now how do I disable this connection-specific suffix?

Best Answer

What you're seeing is normal behavior. Your nslookup query is technically not a fully qualified query because you left out the trailing dot (.). If you want to see the difference, run the same query but instead add the trailing dot (.), as such:

cnn.com.

This is the behavior you'll see when issuing queries with nslookup that aren't fully qualified. The connection-specific DNS suffix is being appended to your nslookup query because your nslookup query isn't fully qualified. Nslookup uses its own DNS client resolver but does use the DNS search suffixes that are configured for the computer. The Windows DNS client resolver doesn't suffer from this behavior, so you really don't need to change anything in the DNS client settings. What you've done by adding a dot (.) as a DNS suffix is not an appropriate corrective action and is likely to cause DNS name resolution problems for the operating system and applications. Have a read here:

http://blogs.msmvps.com/acefekay/2013/02/17/nslookup-suffixing-behavior
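
Added example (not part of the original question or answer, and not Microsoft code): a simplified Python model of the suffixing described above. It reads the connection-specific suffix out of the ipconfig output from the question, including the console-wrapped line, and lists the names a lookup asks for with and without the trailing dot. The function names and the suffix-first ordering are assumptions taken from the trace in the question.

```python
import re

# From the ipconfig output in the question (console-wrapped suffix line kept as-is).
IPCONFIG_SAMPLE = """\
Ethernet adapter Ethernet 3:

   Connection-specific DNS Suffix  . : g2dibntere1erjhcdrrozsaeod.bx.internal.cl
oudapp.net
   IPv4 Address. . . . . . . . . . . : 10.51.10.4

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1c9f:fbe8:d78d:f134
"""

SUFFIX_LINE = re.compile(r"\s+Connection-specific DNS Suffix[ .]*:\s*(\S*)")


def connection_suffixes(ipconfig_text):
    """Distinct connection-specific DNS suffixes, in order of appearance."""
    lines = ipconfig_text.splitlines()
    found = []
    for i, line in enumerate(lines):
        m = SUFFIX_LINE.match(line)
        if not m or not m.group(1):
            continue  # not a suffix line, or the adapter has no suffix
        value = m.group(1)
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        # A long value wraps onto the next line at column 0; field lines are indented.
        if nxt and not nxt[0].isspace() and ":" not in nxt:
            value += nxt.strip()
        if value not in found:
            found.append(value)
    return found


def query_names(name, suffixes):
    """Names a search-list lookup asks for, in order (simplified model)."""
    if name.endswith("."):
        return [name.rstrip(".")]  # trailing dot: fully qualified, nothing appended
    # Assumed order, matching the trace in the question: suffixed names first.
    return [f"{name}.{s}" for s in suffixes] + [name]


if __name__ == "__main__":
    suffixes = connection_suffixes(IPCONFIG_SAMPLE)
    for typed in ("cnn.com", "cnn.com."):
        print(f"{typed!r:12} -> {query_names(typed, suffixes)}")
```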