1

On my Win 8.1 laptop I like to use OpenDNS, Level 3, or an OpenNIC DNS resolver. Unfortunately, this is has been met with spotty performance. Often DNS will work for a half hour or so, then fail.

Sometimes reloading URI's works, sometimes it doesn't. I'm also suspicious that OpenNIC isn't really overriding my ISP's DNS because I keep getting the ISP's annoying default page when I load a broken URI.

Is there a way to capture DNS queries and their error codes/messages on the command line?

Hack-R
  • 22,422
  • 14
  • 75
  • 131

1 Answers1

2

It might be a bit overkill, but if you really want to capture all your DNS queries and their corresponding responses, including the exact error codes, you can run a network capture with Wireshark or Microsoft Network Monitor.

To filter a Wireshark capture to display only your DNS traffic, have a look there :

How to filter wireshark to see only dns queries that are sent/received from/by my computer?

Also, you can enable the DNS client operational log : Open the event Viewer

Go to Application and services logs >> Microsoft >> Windows >> DNS Client Events

Right-Click on Operational and click on "Enable Log"

This will record all the DNS resolution failures as event ID 1015 or 1016, telling you the name for which the resolution failed and the IP address of the DNS server which sent the response.

Community
  • 1
  • 1
Mathieu Buisson
  • 1,325
  • 10
  • 8
  • Of course! I can't believe I didn't think of Wireshark – Hack-R Dec 28 '14 at 22:17
  • To enable the DNS client Operational log with Powrshell, you can do that : (Get-WinEvent -ListLog Microsoft-Windows-DNS-Client/Operational).IsEnabled = $True . And then to query this event log for errors, you can run this command : Get-WinEvent -LogName Microsoft-Windows-DNS-Client/Operational | where { $_.ID -gt 1010 } – Mathieu Buisson Dec 28 '14 at 22:25