dns cache and hosts file

[Bilal Abbasi]

I found a hosts file in the Winnt directory that had entries for google.
These included all possible scenarios, i.e. www.google.com, google.com,
www.google.ie... etc etc. resolving to the a couple of ip address that were
obviously not google.

I kept trying to clear the dns cache by using the command line "ipconfig
/flushdns" and it would not clear the chache. My question is how does my
dns server know to look at the hosts file in the 'winnt\hosts' locations
instead of "winnt\system32\drivers\etc\hosts", if indeed it uses hosts file
to load into its cache.

Any help will be appreciated.

Bilal Abbasi.

 

[Jonathan Maltz [MS-MVP]]

Hi,

Actually the hosts file comes before any DNS lookups. To remove those
domain/ips just delete the relevant lines, no reboot necessary

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.

 

[Jonathan Maltz [MS-MVP]]

That, I don't know, but after deleting the lines and ipconfig /flushdns,
everything worked properly, right?

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.

Johnathan,

I did delete the entries. Would you know why the TTL for all those records
was 31534947 where it should be less than 1000?

Thanks
Bilal

Hi,

Actually the hosts file comes before any DNS lookups. To remove those
domain/ips just delete the relevant lines, no reboot necessary

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.

I found a hosts file in the Winnt directory that had entries for google.
These included all possible scenarios, i.e. www.google.com, google.com,
www.google.ie... etc etc. resolving to the a couple of ip address that were
obviously not google.

I kept trying to clear the dns cache by using the command line "ipconfig
/flushdns" and it would not clear the chache. My question is how does my
dns server know to look at the hosts file in the 'winnt\hosts' locations
instead of "winnt\system32\drivers\etc\hosts", if indeed it uses hosts file
to load into its cache.

Any help will be appreciated.

Bilal Abbasi.

 

[Jonathan Maltz [MS-MVP]]

Bilal,

You said that the entries for sites like Google were much different?

I just came across this, see if it applies:
http://vil.nai.com/vil/content/v_100719.htm

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.

That, I don't know, but after deleting the lines and ipconfig /flushdns,
everything worked properly, right?

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.

Johnathan,

I did delete the entries. Would you know why the TTL for all those records
was 31534947 where it should be less than 1000?

Thanks
Bilal

Hi,

Actually the hosts file comes before any DNS lookups. To remove those
domain/ips just delete the relevant lines, no reboot necessary

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.


I found a hosts file in the Winnt directory that had entries for google.
These included all possible scenarios, i.e. www.google.com, google.com,
www.google.ie... etc etc. resolving to the a couple of ip address that
were
obviously not google.

I kept trying to clear the dns cache by using the command line "ipconfig
/flushdns" and it would not clear the chache. My question is how

does
my

dns server know to look at the hosts file in the 'winnt\hosts' locations
instead of "winnt\system32\drivers\etc\hosts", if indeed it uses hosts
file
to load into its cache.

Any help will be appreciated.

Bilal Abbasi.

 

[Bilal Abbasi]

Bingo!!!!!!!

That is exactly what has happened.

Bilal,

You said that the entries for sites like Google were much different?

I just came across this, see if it applies:
http://vil.nai.com/vil/content/v_100719.htm

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.

That, I don't know, but after deleting the lines and ipconfig /flushdns,
everything worked properly, right?

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.

Johnathan,

I did delete the entries. Would you know why the TTL for all those records
was 31534947 where it should be less than 1000?

Thanks
Bilal


Hi,

Actually the hosts file comes before any DNS lookups. To remove those
domain/ips just delete the relevant lines, no reboot necessary

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site
Only reply by newsgroup. If I see an email I didn't ask for, it

will

be