Domain Suffix Search Order Explained

 

 

Murat Yildirimoglu

MCSE,MCT

murat@muratyildirimoglu

 

 

When we look at the DNS tab of the TCP/IP properties on an NT machine, we see a strange section titled, Domain Suffix Search Order.

 

What is it? What is it used for?

 

In the TCP/IP configuration of an NT computer, we see a fully qualified domain name (FQDN), for example, st9.acme.com. Let the DNS server IP address be 131.107.2.10, as indicated in the DNS Service Search Order section. That means, when it tries to resolve the FQDNs to their corresponding IP addresses, it goes to that DNS Server.

 

DNS queries requires FQDNs. When a command like

 

ping www.winntmag.com

 

is executed,  the first thing to do is to resolve the FQDN, www.winntmag.com in this case, to the corresponding IP address.

 

Now, lets assume that the DNS server has two zones, acme.com and teledyne.com. Remember that the domain of the client is also acme.com.

 

Let Acme.com has two host entries for mailserver.acme.com and ftpserver.acme.com and the other domain has only one host entry, mainserver.

 

Now, lets have some examples. First, the client  will ping mailserver.acme.com.

 

The user executes a regular command. That is, it gives the FQDN of the target computer. And the computer goes to the DNS server and can obtain an IP address against a FQDN.

 

What if the client tries to ping the ftpserver but forgets to add the  domain info?

 

It can still resolve the name to the IP address. How is it possible?

 

Because, when the client passes not the FQDN but only the host name, TCP/IP stack on NT adds the client's domain info to the DNS request. In our case, domain of the client, acme.com, is added to the request and DNS query was successfully completed.

 

Now,  if the client tries to ping the mainserver.teledyne.com but again it forgets to add domain info to the name what will happen?

 

The result of the command will be negative.

 

If the client gives the FQDN, that is mainserver.teledyne.com,  the query will be succesfull.

 

How can I get a positive response in this case also?

 

Domain suffix search order comes to the stage at this point. If we add the teledyne.com to the Domain Suffix Search Order box, TCP/IP stack tries first mainserver.acme.com. There is no computer like that. When it receives negative response it tries mainserver.teledyne.com

 

The domain names in the Domain Suffix Search Order box are added to the queried computer names, if those names do not conform to the FQDN format.