Disable DNS Cache


MikeS

We have DNS configured in Active Directory using Windows 2003 servers. We
have a legacy domain where DNS runs on Unix. To resolve names in the legacy
namespace we use a stub zone.

I have one site where they are making a lot of changes to servers in the
legacy domain. The caching on the AD DNS servers is becoming a problem.
The time to live is very long so users at this site don't see the changes
unless I keep clearing the cache. While I could set up a scheduled task to
keep the cache clear can I:

1. Set the default time to live time down on the cache so records are
purged more often

or

2. Just disable the cache for this site only until they complete their
changes.
 

Kevin D. Goodknecht Sr. [MVP]

In
MikeS said:
We have DNS configured in Active Directory using Windows
2003 servers. We have a legacy domain where DNS runs on
Unix. To resolve names in the legacy namespace we use a
stub zone.

I have one site where they are making a lot of changes to
servers in the legacy domain. The caching on the AD DNS
servers is becoming a problem. The time to live is very
long so users at this site don't see the changes unless I
keep clearing the cache. While I could set up a
scheduled task to keep the cache clear can I:

1. Set the default time to live time down on the cache
so records are purged more often
2. Just disable the cache for this site only until they
complete their changes.

Disabling the DNS cache and reducing the maximum cache TTL is done with the
same registry entry. Set the MaxCacheTtl to 0 to disable the cache. Changing
the maximum cache TTL on the DNS server is only part of the picture; you'd
still have to flush the client DNS cache, too. I'd recommend reducing the
TTL of the records in the BIND if it is causing an issue; reducing the DNS
server cache TTL fixes one problem but means that it will have to refresh
its records more often. That said, the MaxCacheTtl registry entry is in this
KB:
813964 - Description of DNS registry entries in Windows 2000 Server, part 2
of 3:
http://support.microsoft.com/default.aspx?kbid=813964
 

Jeff Westhead [MSFT]

In general, people who seek to disable caching do not understand DNS and are
using the old "sledgehammer vs. fly" approach.

DNS gives you TTLs for a reason. You can disable caching if you want but at
least investigate tuning via TTLs. The big advantage is that if you disable
caching you only "fix" your problem on one machine. If you properly
implement TTLs you fix your problem for every machine in your enterprise
with a set-and-forget central setting.
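
Added example, not part of any post in this thread: a simplified Python model of the two caching tiers discussed above (the AD DNS server cache and the client resolver cache), showing why a server cache cap of 0 still leaves clients with a stale answer while a shorter record TTL at the source clears every tier. The class and function names, host name, addresses and timings are all constructed for illustration, and the model assumes the server hands the record's original TTL to the client on a cache miss.

```python
# Simplified model of TTL-based DNS caching (added example; class and
# function names are hypothetical, addresses and times are constructed).

class Authoritative:
    """Stands in for the legacy Unix DNS zone."""
    def __init__(self, ttl):
        self.ttl = ttl
        self.records = {}

    def resolve(self, name, now):
        return self.records[name], self.ttl


class Cache:
    """A caching tier: the AD DNS server or a client resolver cache."""
    def __init__(self, upstream, max_cache_ttl=None):
        self.upstream = upstream
        self.max_cache_ttl = max_cache_ttl  # None = honour the record TTL
        self.entries = {}                   # name -> (address, expiry time)

    def resolve(self, name, now):
        hit = self.entries.get(name)
        if hit and hit[1] > now:
            return hit[0], hit[1] - now     # cached answer, TTL counts down
        address, ttl = self.upstream.resolve(name, now)
        keep = ttl if self.max_cache_ttl is None else min(ttl, self.max_cache_ttl)
        if keep > 0:                        # a cap of 0 means nothing is cached
            self.entries[name] = (address, now + keep)
        return address, ttl                 # assumption: original TTL passed on


def client_view(record_ttl, server_max_cache_ttl=None):
    """Address a client gets at t=120 s when the record changed after t=0."""
    zone = Authoritative(record_ttl)
    zone.records["app.legacy.example"] = "10.0.0.1"
    server = Cache(zone, server_max_cache_ttl)
    client = Cache(server)
    client.resolve("app.legacy.example", now=0)       # warms both caches
    zone.records["app.legacy.example"] = "10.0.0.2"   # host is re-addressed
    return client.resolve("app.legacy.example", now=120)[0]


if __name__ == "__main__":
    print("long TTL, default caching :", client_view(86400))
    print("long TTL, server cache off:", client_view(86400, 0))
    print("record TTL lowered to 60 s:", client_view(60))
```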
 

Ace Fekay [MVP]

In
Jeff Westhead said:
In general, people who seek to disable caching do not understand DNS
and are using the old "sledgehammer vs. fly" approach.

Is that like Spy vs Spy?
:)

DNS gives you TTLs for a reason. You can disable caching if you want
but at least investigate tuning via TTLs. The big advantage is that
if you disable caching you only "fix" your problem on one machine. If
you properly implement TTLs you fix your problem for every machine in
your enterprise with a set-and-forget central setting.

I would think using TTLs would be
the better solution as well.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 

MikeS

Thank you for the information. I talked them into just shortening the TTL.
That solves their problem.
 
