How to Disable Client-Side DNS Caching in Windows XP and Windows Server 2003
This article was previously published under Q318803
For a Microsoft Windows 2000 version of this article, see 245437.
Windows contains a client-side Domain Name System (DNS) cache. The client-side DNS caching feature may generate a false impression that DNS "round robin" is not occurring from the DNS server to the Windows client computer. When you use the ping command to search for the same A-record domain name, the client may use the same IP address. This behavior is different from Microsoft operating systems earlier than Windows 2000. These operating systems do not include the client-side DNS caching feature. This article describes how to disable DNS caching.
Note This article refers to the client portion of DNS. Do not use this information for making changes to DNS servers.
To stop DNS caching, run either of the following commands:
- net stop dnscache
- sc \\servername stop dnscache
Note The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated.
The DNS Client service optimizes the performance of DNS name resolution by storing previously resolved names in memory. If the DNS Client service is turned off, the computer can still resolve DNS names by using the network's DNS servers.
When the Windows resolver receives a positive or negative response to a query, it adds that positive or negative response to its cache, and as a result, creates a DNS resource record. The resolver always checks the cache before querying any DNS server. If a DNS resource record is in the cache, the resolver uses the record from the cache instead of querying a server. This behavior expedites queries and decreases network traffic for DNS queries.
You can use the Ipconfig tool to view and to flush the DNS resolver cache. To view the DNS resolver cache, type ipconfig /displaydns at a command prompt. Ipconfig displays the contents of the DNS resolver cache, including the DNS resource records that are preloaded from the Hosts file and any recently queried names that were resolved by the system. After a certain time period, the resolver discards the record from the cache. The time period is specified in the Time to Live (TTL) associated with the DNS resource record. You can also flush the cache manually. After you flush the cache, the computer must query DNS servers again for any DNS resource records previously resolved by the computer. To delete the entries in the DNS resolver cache, type ipconfig /flushdns at a command prompt.
Using the Registry to Control the Caching Time
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows
The length of time for which a positive or negative response is cached depends on the values of entries in the following registry key:
The TTL for positive responses is the lesser of the following values:
- The number of seconds specified in the query response the resolver received
- The value of the MaxCacheTtl registry setting.
Note The default TTL for positive responses is 86,400 seconds (1 day).
The TTL for negative responses is the number of seconds specified in the MaxNegativeCacheTtl registry setting.
Note The default TTL for negative responses is 900 seconds (15 minutes).
If you do not want negative responses to be cached, set the MaxNegativeCacheTtl registry setting to 0.
To set the caching time on a client computer:
- Start Registry Editor (Regedit.exe).
- Locate and then click the following key in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
- On the Edit menu, point to New, click DWORD Value, and then add the following registry values:
Value name: MaxCacheTtl
Data type: REG_DWORD
Default value: 86400 seconds
Value data: If you lower the Maximum TTL value in the client's DNS cache to 1 second, this gives the appearance that the client-side DNS cache has been disabled.
Value name: MaxNegativeCacheTtl
Data type: REG_DWORD
Default: 900 seconds
Value data: Set the value to 0 if you do not want negative responses to be cached.
- Type the value that you want to use, and then click OK.
- Quit Registry Editor.
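The caching rules described above (cache checked before any server, positive TTL capped by MaxCacheTtl, negative TTL taken from MaxNegativeCacheTtl) can be modelled to show why round robin appears to stop and why a MaxCacheTtl of 1 second makes the cache look disabled. This is an added example, not Microsoft code; the class names, the simulated clock and the sample zone are assumptions made for illustration.

```python
from itertools import cycle

DEFAULT_MAX_CACHE_TTL = 86400         # article default for positive responses
DEFAULT_MAX_NEGATIVE_CACHE_TTL = 900  # article default for negative responses
# Constructed sample zone (documentation address range), not real data.
SAMPLE_ZONE = {"www.example.test": ["192.0.2.10", "192.0.2.11", "192.0.2.12"]}


class RoundRobinServer:
    """Hypothetical stand-in for a DNS server that rotates its A records."""

    def __init__(self, zone, ttl):
        self.rotors = {name: cycle(ips) for name, ips in zone.items()}
        self.ttl = ttl
        self.queries = 0  # network queries received from the client

    def query(self, name):
        self.queries += 1
        rotor = self.rotors.get(name)
        return (next(rotor), self.ttl) if rotor else (None, 0)


class ResolverCache:
    """Model of the client cache: consulted before any server is queried."""

    def __init__(self, server, max_cache_ttl=DEFAULT_MAX_CACHE_TTL,
                 max_negative_cache_ttl=DEFAULT_MAX_NEGATIVE_CACHE_TTL):
        self.server = server
        self.max_cache_ttl = max_cache_ttl
        self.max_negative_cache_ttl = max_negative_cache_ttl
        self.entries = {}  # name -> (address or None, expiry time in seconds)

    def resolve(self, name, now):
        hit = self.entries.get(name)
        if hit and now < hit[1]:
            return hit[0]  # cached positive or negative answer, no query sent
        address, response_ttl = self.server.query(name)
        if address is not None:
            ttl = min(response_ttl, self.max_cache_ttl)  # lesser of the two
        else:
            ttl = self.max_negative_cache_ttl  # 0: negative answer not cached
        self.entries[name] = (address, now + ttl)
        return address


def ping_series(cache, name, times):
    """Resolve name at each simulated time in seconds; return the answers."""
    return [cache.resolve(name, t) for t in times]
```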
Subnet Prioritization
The Windows XP DNS resolver also uses Subnet Prioritization. If the resolver receives multiple IP address mappings (A resource records) from a DNS server, and some of the records have IP addresses from networks to which the computer is directly connected, the resolver places those resource records first. This behavior reduces network traffic across subnets by forcing computers to connect to network resources that are closer to them.
Although subnet prioritization does reduce network traffic across subnets, in some cases you may prefer to have the round robin feature work as described in RFC 1794. If so, you can disable the Subnet Prioritization feature on your clients by adding the PrioritizeRecordData registry entry with a value of 0 (REG_DWORD data type) in the following registry key:
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
297510 How to Modify Time to Live on Domain Name System Records
286834 The DNS Client Service Does Not Revert to Using the First Server
For more information, see the Microsoft Windows XP Professional Resource Kit Documentation, chapter "DNS Caching, Network Prioritization, and Security."
Article ID: 318803 - Last Review: 10/12/2007 07:34:39 - Revision: 2.7
Microsoft Windows Server 2003, Standard Edition (32-bit x86), Microsoft Windows XP Professional