I've found that Windows 7 or 10 won't accept a CNAME reply for FQDNs in a local domain (or a domain part of the search list).
We're migrating servers to a new data center and changing the primary A record for the new IP address. As these include the data center code. As this is an old environment there are a fair few internal hostnames tired to reach server. Rather than update all the A records with the new IP addresses, we've upted to use CNAME records pointing to the A record with the new FQDN of the new IP address. The intention is to make it easy to b change the IP address back of we need to roll back a migrated Windows server VM.
This works great for Linux and Mac clients, but not for Windows.
Packet captures show that the client gets a CNAME reply to the DNS request. But the result of an nslookup is empty except for the shown headers (DNS server etc). Next we reconfigured the client with a static IP address and no domain search list. The result is that Windows clients can now resolve the domain to an IP address, nslookup shows the alias (CNAME) as expected.
However, without a local domain, (and search list) we can no longer resolve hostnames, all requests must be for FQDNs
In summary:
api.google.com always resolves
test.domain.com only resolves if domain.com is not the local domain or in the search list.
"nslookup test" only works with domain.com in the search list.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 48%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
