Advanced Resolver Features

The Windows 2000 resolver has some advanced features that are worth describing here.

Caching

The Windows 2000 resolver stores every record it receives in a shared cache available to all programs on the system. The Windows NT 4.0 resolver caches, but only on a per-process basis. For example, if you have two different web browsers running (say, Internet Explorer and Netscape Navigator), each has its own copy of the resolver with a separate cache. Windows 98, 95, and 3.1 resolvers don’t do any caching.

The Windows 2000 resolver obeys the TTL (time to live) field on resource records it caches, up to a maximum of 24 hours by default. So if a record specifies a TTL longer than that, the resolver rounds down to 24 hours. This maximum TTL is configurable with a Registry setting:

MaxCacheEntryTtlLimit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache\Parameters
Data type: REG_DWORD
Range: 0x0 - 0xFFFFFFFF seconds
Default value: 0x15180 (86,400 seconds = 24 hours)

The Windows 2000 resolver also supports negative caching. It caches negative responses for five minutes by default. This negative caching timeout is also configurable with a Registry setting:

NegativeCacheTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache\Parameters
Data type: REG_DWORD
Range: 0x0 - 0xFFFFFFFF seconds
Default value: 0x12C (300 seconds = 5 minutes)

To disable negative caching altogether, set this value to zero.

To view the resolver’s cache, use ipconfig /displaydns ...

Get DNS on Windows 2000, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.