4.17. Managing Windows' DNS Caches

Windows 2000, XP, and 2003 Server run a DNS resolver cache (the DNS Client service) by default. This surprises many Windows users, who sometimes get stuck with stale data and don't understand why some names are not resolving correctly. Most of the time you don't have to think about it, but when you are changing DNS records, you want to be sure your clients are receiving fresh information. How do you handle this?

On Windows clients, open a command prompt and run this command to see the contents of the cache, including the remaining Time To Live of each entry:

	C:\> ipconfig /displaydns | more

This command clears the cache:

	C:\> ipconfig /flushdns

Each cached answer normally expires when the TTL its authoritative server set runs out, but Windows also caps that lifetime: the default cap is 86,400 seconds, or one day, for positive responses. Answers to negative queries (names that do not exist) are stored for 300 seconds (5 minutes). You may lower these caps, or disable caching entirely, by editing the Windows Registry. On Windows 2000, open the Registry Editor and change the cap for positive entries by creating or modifying the DWORD value in:

	HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
	DWORD: MaxCacheEntryTtlLimit
	Value: 14400

14,400 seconds is four hours, a common value for ISP caches. 0 disables caching of positive answers. Be sure you enter your values as Decimal Base, not Hexadecimal Base; entering 14400 as a hex value gives you 83,968 seconds instead.

Disable negative answers with this key:

	HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
	DWORD: NegativeCacheTime
	Value: 0

On Windows XP and 2003, change the TTL for positive entries with a different DWORD:

	HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
	DWORD:  MaxCacheTtl
	Value: 14400

Turn off negative caching with this one:

	HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
	DWORD:  MaxNegativeCacheTtl
	Value: 0

You may disable caching entirely by setting both values to zero. The DNS Client service reads these values when it starts, so either reboot or restart the service (net stop dnscache, then net start dnscache) to activate the changes; restarting the service also empties the cache.
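The same registry change and service restart, scripted, as an added example that is not part of the original recipe. It picks the Windows 2000 or XP/2003 value names from the OS version as the recipe describes them (later Windows releases use the XP/2003 names), writes the DWORDs in decimal so there is no hex confusion, reads them back, and then checks the live cache so you can confirm no entry outlives the cap. The parameter names, the function name, and the assumption that ipconfig prints English output are the example's own.

```powershell
# Added example, not from the original recipe. Run from an elevated PowerShell prompt.
# Sets the positive and negative DNS cache caps, restarts the DNS Client service so
# they apply without a reboot, and verifies the running cache against the cap.
param(
    [int]$PositiveTtlSeconds = 14400,   # 4 hours; 0 disables caching of positive answers
    [int]$NegativeTtlSeconds = 0        # 0 disables negative caching
)

$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'

# Windows 2000 reports NT 5.0 and uses the older value names; XP/2003 (NT 5.1/5.2)
# and every later release use MaxCacheTtl / MaxNegativeCacheTtl.
$os = [Environment]::OSVersion.Version
if ($os.Major -eq 5 -and $os.Minor -eq 0) {
    $positiveName = 'MaxCacheEntryTtlLimit'
    $negativeName = 'NegativeCacheTime'
} else {
    $positiveName = 'MaxCacheTtl'
    $negativeName = 'MaxNegativeCacheTtl'
}

if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }

# An [int] becomes REG_DWORD; the value is decimal seconds, so 14400 really is 4 hours.
New-ItemProperty -Path $key -Name $positiveName -PropertyType DWord `
    -Value $PositiveTtlSeconds -Force | Out-Null
New-ItemProperty -Path $key -Name $negativeName -PropertyType DWord `
    -Value $NegativeTtlSeconds -Force | Out-Null

# Read the values back rather than trusting the write.
Get-ItemProperty -Path $key | Select-Object $positiveName, $negativeName | Format-List

# The service reads the caps at startup. On XP/2003 it can be restarted; on newer
# Windows the service is protected and may refuse to stop, in which case reboot.
try {
    Restart-Service -Name Dnscache -Force -ErrorAction Stop
} catch {
    Write-Warning "Could not restart the DNS Client service ($_); reboot to apply."
}
ipconfig /flushdns | Out-Null

function Get-DnsCacheTtlSummary {
    # Parse 'ipconfig /displaydns'. Each record prints a line such as
    #   Time To Live  . . . . . : 3571
    # showing the seconds remaining. Returns the count of entries and the largest TTL,
    # which should never exceed the positive cap once the service has restarted.
    $ttls = ipconfig /displaydns | ForEach-Object {
        if ($_ -match 'Time To Live[ .]*:\s*(\d+)') { [int]$matches[1] }
    }
    [pscustomobject]@{
        Entries = @($ttls).Count
        MaxTtl  = if (@($ttls).Count -gt 0) { ($ttls | Measure-Object -Maximum).Maximum } else { 0 }
    }
}

# Populate the cache with one lookup, then check the ceiling. Replace the name with
# one your resolver can answer; it is only here to produce a cache entry.
Resolve-DnsName -Name 'www.example.com' -ErrorAction SilentlyContinue | Out-Null
$summary = Get-DnsCacheTtlSummary
$summary | Format-List
if ($summary.MaxTtl -gt $PositiveTtlSeconds -and $PositiveTtlSeconds -gt 0) {
    Write-Warning "An entry has TTL $($summary.MaxTtl) s, above the $PositiveTtlSeconds s cap; the service did not reload its settings."
}
```

The TTL check is the part worth keeping around: after any DNS migration, running it on a few clients tells you whether they are still holding answers older than you expect, which is the symptom this recipe is really about. Resolve-DnsName exists only on Windows 8/2012 and later; on the older systems the recipe targets, replace that line with a plain nslookup or ping of the name.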

Linux clients do not run their own DNS caches by default; if you want one (nscd, dnsmasq, and the like) you have to set it up on purpose. Client-side caching is a nice thing that speeds up lookups. The caches cause problems only when DNS records change and the cached copies go stale, which is why knowing how to inspect and flush them matters.