
Windows Client DNS Suffix Search List Configuration


This is more for awareness than asking how to resolve a particular issue, but our Windows clients/servers have quite a large number of entries in the DNS Suffix Search List.

We are seeing that when applications/users, etc. are performing a fully qualified DNS request, if they do not properly enter the FQDN with the trailing ".", the client cycles through all the entries in the suffix list before resolving the FQDN.

i.e.

suffix list = acme.com,acme1.com,acme2.com,acme3.com,acme4.com,acme5.com

nslookup www.acme5.com

Resulting queries are as follows:

www.acme5.com.acme.com
www.acme5.com.acme1.com
www.acme5.com.acme2.com
www.acme5.com.acme3.com
www.acme5.com.acme4.com
www.acme5.com.acme5.com
www.acme5.com

A quick resolution to this would be to get your Active Directory, desktop/server teams to change the suffix list so that the first entry is "."

i.e.

suffix list = .,acme.com,acme1.com,acme2.com,acme3.com,acme4.com,acme5.com

nslookup www.acme5.com

Resulting queries are as follows:

www.acme5.com.

Expecting to see a massive reduction in DNS queries and NXDOMAIN responses, and generally improved perceived client/server behaviour.
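The following is an added example, not code from the original post or from Infoblox. It simulates the search-list expansion the post describes (a "." entry meaning "try the name unqualified", the bare name tried last otherwise) so the query counts before and after the change can be compared, and it scans constructed DNS query-log lines (format "client qname rcode", an assumption) to flag the fan-out pattern: NXDOMAIN answers for a multi-label name with a search-list suffix appended. The suffix list and host names are taken from the post; everything else is constructed.

```python
"""Simulate DNS suffix search-list expansion and spot the resulting NXDOMAIN
fan-out in query logs. Example added for this thread; log format and names
other than those in the post are constructed assumptions."""
from collections import defaultdict

# Suffix search list from the post, before and after adding the leading ".".
SUFFIX_LIST_BEFORE = ["acme.com", "acme1.com", "acme2.com",
                      "acme3.com", "acme4.com", "acme5.com"]
SUFFIX_LIST_AFTER = ["."] + SUFFIX_LIST_BEFORE


def candidate_queries(name, suffix_list):
    """Ordered list of absolute names a resolver would try for `name`.

    A trailing "." makes the name absolute and it is tried as-is. Otherwise
    each suffix is appended in list order; a "." entry means "try the name
    unqualified" at that point, and if no "." entry exists the bare name is
    tried last (the behaviour shown in the post).
    """
    if name.endswith("."):
        return [name]
    candidates = []
    for suffix in suffix_list:
        if suffix == ".":
            candidates.append(name + ".")
        else:
            candidates.append(f"{name}.{suffix}.")
    if "." not in suffix_list:
        candidates.append(name + ".")
    return candidates


def simulate_resolution(name, suffix_list, zone):
    """Walk the candidates until one exists in `zone` (a set of absolute names).

    Returns (answered_name_or_None, queries_sent, nxdomain_count).
    """
    sent = 0
    for candidate in candidate_queries(name, suffix_list):
        sent += 1
        if candidate in zone:
            return candidate, sent, sent - 1
    return None, sent, sent


def find_search_list_fanout(log_lines, suffix_list):
    """Group NXDOMAIN log lines that look like <multi-label name>.<suffix>.

    Single-label names (e.g. "intranet") legitimately use the search list and
    are ignored; a multi-label base name usually means someone typed an FQDN
    without the trailing "." and the client walked the whole list.
    Returns {(client, base_name): [suffixes tried, in log order]}.
    """
    fanout = defaultdict(list)
    suffixes = [s for s in suffix_list if s != "."]
    for line in log_lines:
        client, qname, rcode = line.split()
        if rcode != "NXDOMAIN":
            continue
        qname = qname.rstrip(".")
        for suffix in suffixes:
            tail = "." + suffix
            if qname.endswith(tail):
                base = qname[:-len(tail)]
                if "." in base:
                    fanout[(client, base)].append(suffix)
                break
    return dict(fanout)


# Constructed query-log lines: one client reproducing the post's nslookup,
# another doing a normal single-label lookup that misses in one zone.
SAMPLE_LOG = [
    "10.0.0.5 www.acme5.com.acme.com. NXDOMAIN",
    "10.0.0.5 www.acme5.com.acme1.com. NXDOMAIN",
    "10.0.0.5 www.acme5.com.acme2.com. NXDOMAIN",
    "10.0.0.5 www.acme5.com.acme3.com. NXDOMAIN",
    "10.0.0.5 www.acme5.com.acme4.com. NXDOMAIN",
    "10.0.0.5 www.acme5.com.acme5.com. NXDOMAIN",
    "10.0.0.5 www.acme5.com. NOERROR",
    "10.0.0.7 printer.acme1.com. NXDOMAIN",
    "10.0.0.7 printer.acme2.com. NOERROR",
]

if __name__ == "__main__":
    zone = {"www.acme5.com."}
    for label, suffixes in (("before", SUFFIX_LIST_BEFORE), ("after", SUFFIX_LIST_AFTER)):
        answer, sent, nx = simulate_resolution("www.acme5.com", suffixes, zone)
        print(f"{label}: answered by {answer} after {sent} queries ({nx} NXDOMAIN)")
    for (client, base), tried in find_search_list_fanout(SAMPLE_LOG, SUFFIX_LIST_BEFORE).items():
        print(f"{client} walked {len(tried)} suffixes for {base}: {', '.join(tried)}")
```

Running it reproduces the post's numbers: seven queries with six NXDOMAINs before the change, one query and no NXDOMAIN after it. The log scan is the check to run against resolver query logs before and after the suffix-list change to confirm the reduction actually landed on the clients.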
