Replace root hints/cache.dns

Guest

Can anyone clue me in on how to replace the cache.dns file on a non-AD W2K
server? I followed the steps in KB 298148 (at the bottom--there was no TLD
defined), but I can't finish the last step since there is no AD on this
server. I can replace the cache.dns file with what is in the samples
directory, but when I reboot the server, there is still nothing in the cached
lookups. Is there another KB I could look at?

Any assistance is appreciated.

ba
 
Ace Fekay [MVP]

BA said:
Can anyone clue me in on how to replace the cache.dns file on a
non-AD W2K server? I followed the steps in KB 298148 (at the
bottom--there was no TLD defined), but I can't finish the last step
since there is no AD on this server. I can replace the cache.dns file
with what is in the samples directory, but when I reboot the server,
there is still nothing in the cached lookups. Is there another KB I
could look at?

Any assistance is appreciated.

ba

Cached lookups? Do you mean you are looking at the DNS console in Advanced
view? When you restart the server, you are clearing the cache. This means
that any names that were resolved for users, will be in the cache. If you
restart the server or the DNS service itself, it will clear the cache.
Cached is just that, it keeps whatever it looked up in cache for the TTL of
the record so if other requests come in for the same name within the TTL
period of that particular record, meaning it is still in cache, it will not
have to perform another lookup.

Do yourself a favor, if it is truly Advanced View, get out of that view to
lessen any confusion.

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Instead of the website you're using, try using OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. Anonymous access. It's free - no username or password
required nor do you need a Newsgroup Usenet account with your ISP. It
connects directly to the Microsoft Public Newsgroups. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject. It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Quitting smoking is easy. I've done it a thousand times." - Mark Twain
 
Guest

actually, yes--I was looking at advanced view, but I also had a cache.dns
file that was empty (i.e., no root hints). I copied the cache.dns file from
dns\samples, but for some reason, it wouldn't take. the KB article I
mentioned explains how to do this, but it assumes the machine is a DC, and
this one is not. the problem was that reverse lookups could not be resolved,
which resulted in most mail (incoming and outgoing) being rejected by the
spam gateway.

I was able to resolve it by manually copying cache.dns and resetting DNS
properties to the defaults, specifically using AD and the registry (even tho
this machine does not have AD--go figure). I also had to enable recursion,
which the RFC recommends against. but it is working now, and when I go into
cache lookups the root hints are there. and now reverse lookups are being
resolved.

thanks...
ba
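
An added example, not part of the original posts or of any Microsoft tool: a small Python check for the empty cache.dns condition described above, assuming the file uses standard zone-file lines (owner, optional TTL and class, type, data) with the owner name present on every line. The sample content and the function names are constructed for illustration.

```python
# Constructed sample in the zone-file layout used for root hints.
# One NS target (B) deliberately has no address record.
SAMPLE_CACHE_DNS = """\
; constructed sample, not a full root hints file
.                        3600000  IN  NS  A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000  IN  A   198.41.0.4
.                        3600000      NS  B.ROOT-SERVERS.NET.
"""

RTYPES = {"NS", "A", "AAAA"}

def parse_root_hints(text):
    """Return (ns_targets, glue) from root-hints text in zone-file format."""
    ns_targets, glue = [], {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 3:
            continue
        owner = fields[0].lower()
        # TTL and class are optional, so locate the record type token.
        idx = next((i for i, f in enumerate(fields[1:], 1)
                    if f.upper() in RTYPES), None)
        if idx is None or idx + 1 >= len(fields):
            continue
        rtype, rdata = fields[idx].upper(), fields[idx + 1]
        if rtype == "NS" and owner == ".":
            ns_targets.append(rdata.lower())
        elif rtype in ("A", "AAAA"):
            glue.setdefault(owner, []).append(rdata)
    return ns_targets, glue

def check_root_hints(text):
    """Return a list of problems; an empty list means the hints look usable."""
    ns_targets, glue = parse_root_hints(text)
    if not ns_targets:
        return ["no NS records for the root (.): file has no root hints"]
    return [f"{ns} has no A/AAAA record" for ns in ns_targets if ns not in glue]

if __name__ == "__main__":
    for label, content in (("sample", SAMPLE_CACHE_DNS), ("empty", "")):
        print(label, "->", check_root_hints(content) or "OK")
```

Running the same check against the copy in the samples directory and the live copy shows whether the replacement file actually carries root NS records before the DNS service is restarted.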
 
Ace Fekay [MVP]

BA said:
actually, yes--I was looking at advanced view, but I also had a
cache.dns file that was empty (i.e., no root hints). I copied the
cache.dns file from dns\samples, but for some reason, it wouldn't
take. the KB article I mentioned explains how to do this, but it
assumes the machine is a DC, and this one is not. the problem was
that reverse lookups could not be resolved, which resulted in most
mail (incoming and outgoing) being rejected by the spam gateway.

I was able to resolve it by manually copying cache.dns and resetting
DNS properties to the defaults, specifically using AD and the
registry (even tho this machine does not have AD--go figure). I also
had to enable recursion, which the RFC recommends against. but it is
working now, and when I go into cache lookups the root hints are
there. and now reverse lookups are being resolved.

thanks...
ba

There are two places to disable recursion. One is under the advanced tab.
That will stop the machine from resolving anything for anyone other than
what zones are hosted. The other spot is under the Forwarders tab. This will
stop it from using the Root hints, but will allow it to use a forwarder.

However, if you have the Root zone created (looks like a period in the zones
list), the Root hints will be empty as well and are "gone", so to speak. The
Root list will be grayed out with a Root zone created. Deleting it will
bring them back.

That's why you couldn't see it the first time: you had recursion disabled.
Recursion means to allow it to forward it elsewhere to resolve, and one of
those methods, if you do not have a forwarder set, is to send it to the
Roots.

But with all the changes you made and whichever recursion was disabled,
probably explains what you were seeing and got you a little frustrated.

Take it out of advanced view, keep recursion enabled, delete the Root zone,
and configure a forwarder.

As far as a security risk, if you need it to resolve, you MUST enable it
under the advanced tab. Under the forwarders tab, it just means to not use
the Roots and forward it on.


291382 - Frequently asked questions about Windows 2000 DNS and Windows
Server 2003 DNS
http://support.microsoft.com/?id=291382

323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003
(forwarding) :
http://support.microsoft.com/?id=323380

Ace
 
