Windows contains a client-side Domain Name System (DNS) cache. The client-side DNS caching feature may generate a false impression that DNS "round robin" is not occurring from the DNS server to the Windows client computer. When you use the ping command to search for the same A-record domain name, the client may use the same IP address. This behavior is different from Microsoft operating systems earlier than Windows 2000. These operating systems do not include the client-side DNS caching feature. This article describes how to disable DNS caching.
Note This article refers to the client portion of DNS. Do not use this information for making changes to DNS servers.
To stop DNS caching, run either of the following commands:
- net stop dnscache
- sc servername stop dnscache
To disable the DNS cache permanently in Windows, use the Service Controller tool or the Services tool to set the DNS Client service startup type to Disabled. Note that the name of the Windows DNS Client service may also appear as "Dnscache." Note
The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated.
The DNS Client service optimizes the performance of DNS name resolution by storing previously resolved names in memory. If the DNS Client service is turned off, the computer can still resolve DNS names by using the network's DNS servers.
When the Windows resolver receives a positive or negative response to a query, it adds that positive or negative response to its cache, and as a result, creates a DNS resource record. The resolver always checks the cache before querying any DNS server. If a DNS resource record is in the cache, the resolver uses the record from the cache instead of querying a server. This behavior expedites queries and decreases network traffic for DNS queries.
You can use the Ipconfig tool to view and to flush the DNS resolver cache. To view the DNS resolver cache, type ipconfig /displaydns
at a command prompt. Ipconfig displays the contents of the DNS resolver cache, including the DNS resource records that are preloaded from the Hosts file and any recently queried names that were resolved by the system. After a certain time period, the resolver discards the record from the cache. The time period is specified in the Time to Live (TTL) associated with the DNS resource record. You can also flush the cache manually. After you flush the cache, the computer must query DNS servers again for any DNS resource records previously resolved by the computer. To delete the entries in the DNS resolver cache, type ipconfig /flushdns
at a command prompt.
Using the Registry to Control the Caching TimeImportant
This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
How to back up and restore the registry in Windows
The length of time for which a positive or negative response is cached depends on the values of entries in the following registry key:
The TTL for positive responses is the lesser of the following values:
- The number of seconds specified in the query response the resolver received
- The value of the
MaxCacheTtl registry setting.
- The default TTL for positive responses is 86,400 seconds (1 day).
- The TTL for negative responses is the number of seconds specified in the
MaxNegativeCacheTtl registry setting.
- The default TTL for negative responses is 900 seconds (15 minutes).
If you do not want negative responses to be cached, set the
registry setting to 0.
To set the caching time on a client computer:
- Start Registry Editor (Regedit.exe).
- Locate and then click the following key in the registry:
- On the Edit menu, point to New , click DWORD Value, and then add the following registry values:
Data type: REG_DWORD
Default value: 86400 seconds
Value data: If you lower the Maximum TTL value in the client's DNS cache to 1 second, this gives the appearance that the client-side DNS cache has been disabled.
Data type: REG_DWORD
Default: 900 seconds
Value data: Set the value to 0 if you do not want negative responses to be cached.
- Type the value that you want to use, and then click OK.
- Quit Registry Editor.
The Windows XP DNS resolver also uses Subnet Prioritization. If the resolver receives multiple IP address mappings (A resource records) from a DNS server, and some of the records have IP addresses from networks to which the computer is directly connected, the resolver places those resource records first. This behavior reduces network traffic across subnets by forcing computers to connect to network resources that are closer to them.
Although subnet prioritization does reduce network traffic across subnets, in some cases you may prefer to have the round robin feature work as described in RFC 1794. If so, you can disable the Subnet Prioritization feature on your clients by adding the
registry entry with a value of 0 (REG_DWORD data type) in the following registry key:
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
How to Modify Time to Live on Domain Name System Records
The DNS Client Service Does Not Revert to Using the First Server
For more information, see the Microsoft Windows XP Professional Resource Kit Documentation, chapter "DNS Caching, Network Prioritization, and Security."