This article describes how to turn off the DNS client screening feature.
To turn off the DNS client screening feature, you must first create the ScreenUnreachableServers registry entry. To do this, follow these steps:
- Click Start, click Run, type regedit, and then click OK.
- Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
- On the Edit menu, point to New, and then click DWORD Value.
- Type ScreenUnreachableServers, and then press ENTER.
- On the Edit menu, click Modify.
- Type 0 in the Value data box, and then click OK.
- Exit Registry Editor.
Note You must stop and then start the DNS Client service for the registry change to take effect.
It is by design that the DNS Client service does not access the DNS servers that appear to be unreachable from the interface on which they are configured. The DNS servers are marked unreachable for the server even though they may be available to the other network adapter on the same server.
When you disable the ScreenUnreachableServers registry entry, you also disable the operating system feature that removes unreachable DNS servers from their caches. This may cause delays in name resolution. Therefore, we do not recommend that you disable the ScreenUnreachableServers registry entry unless the following conditions are true:
- This problem affects the server.
- There are no alternatives. For example, you cannot change the IP address of the DNS server.
A multi-network adapter Windows Server 2003-based server cannot use the second network adapter DNS server setting when the following conditions are true:
- The server is configured to have different DNS server settings for each network adapter.
- The IP address of the second network adapter can be accessed by using the subnet of the first network adapter.
Article ID: 914217 - Last Review: Mar 29, 2017 - Revision: 4