DNS caching is the process by which a DNS client (also called a DNS resolver) retains the information it learnt about a host or a domain when it earlier queried a DNS server. While this makes responses to repeated queries faster, it can also be a limiting factor at times. For example, if the DNS client learnt that a host or a domain was unreachable and cached that information, the DNS cache may still hold the negative entry after the host has recovered, which stops you from accessing the host or domain. In a simple scenario, you can simply clear the DNS cache.
However, DNS caching can be fine-tuned or controlled from the Registry. The DNS caching entries are found in the following Registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
The values of interest are:
AdapterTimeoutCacheTime
When a DNS server fails to respond to repeated DNS queries, this value determines how long the DNS client stops sending DNS requests to the particular network adapter through which that DNS server is contacted. During this period the DNS client tries to contact other DNS servers accessible through the other network adapters. The default value is 120 seconds (2 mins).
To disable, set the value to 0.
To set this value:
1. Click Start – RUN.
2. Type REGEDIT and press ENTER. This will open Windows Registry Editor with the Keys in the Left pane and the Values in the Right pane.
3. In the Right pane, check if the value AdapterTimeoutCacheTime is found.
4. If found, right-click and select Modify. Select Decimal under Base, change the value to the required number of seconds and click OK.
5. If not found, right-click, click New – DWORD – Name it as AdapterTimeoutCacheTime.
6. Right-click the newly added value, select Decimal under Base and enter the value as required in seconds and click OK.
For the changes to take effect, Restart the DNS Client service from Control Panel – Administrative Tools – Computer Management – Services.
NetFailureCacheTime
This is similar to AdapterTimeoutCacheTime, except that when a DNS server fails to respond to repeated DNS queries, this value determines how long the DNS client assumes that the network accessible through the network adapter used to reach that DNS server is down, and stops sending any DNS queries to that adapter. The default value is 30 seconds.
To disable, set the value to 0.
To set this value:
1. Click Start – RUN.
2. Type REGEDIT and press ENTER. This will open Windows Registry Editor with the Keys in the Left pane and the Values in the Right pane.
3. In the Right pane, check if the value NetFailureCacheTime is found.
4. If found, right-click and select Modify. Select Decimal under Base, change the value to the required number of seconds and click OK.
5. If not found, right-click, click New – DWORD – Name it as NetFailureCacheTime.
6. Right-click the newly added value, select Decimal under Base and enter the value as required in seconds and click OK.
For the changes to take effect, Restart the DNS Client service from Control Panel – Administrative Tools – Computer Management – Services.
MaxCacheEntryTtlLimit
This value determines how long the DNS cache can hold the DNS records for a domain or host. Normally, each DNS response from the DNS server carries a Time To Live (the time it can be held in the DNS cache) for the DNS record.
However, if that TTL is greater than MaxCacheEntryTtlLimit, the TTL from the DNS response is ignored and the record is cleared from the cache once the time defined by MaxCacheEntryTtlLimit expires. NOTE: This does not apply to SOA records.
The default value is 86400 seconds (1 day).
To set this value:
1. Click Start – RUN.
2. Type REGEDIT and press ENTER. This will open Windows Registry Editor with the Keys in the Left pane and the Values in the Right pane.
3. In the Right pane, check if the value MaxCacheEntryTtlLimit is found.
4. If found, right-click and select Modify. Select Decimal under Base, change the value to the required number of seconds and click OK.
5. If not found, right-click, click New – DWORD – Name it as MaxCacheEntryTtlLimit.
6. Right-click the newly added value, select Decimal under Base and enter the value as required in seconds and click OK.
For the changes to take effect, Restart the DNS Client service from Control Panel – Administrative Tools – Computer Management – Services.
MaxSOACacheEntryTtlLimit
This is exactly the same as MaxCacheEntryTtlLimit, except that it applies to the SOA records of a domain and not to the other DNS records. This time overrides the TTL defined for the SOA record in the cached DNS response. If the TTL for the SOA record is greater than this value, the TTL from the DNS response is ignored and the record is cleared from the cache when the MaxSOACacheEntryTtlLimit time expires.
The default value is 300 seconds (5 mins).
To set this value:
1. Click Start – RUN.
2. Type REGEDIT and press ENTER. This will open Windows Registry Editor with the Keys in the Left pane and the Values in the Right pane.
3. In the Right pane, check if the value MaxSOACacheEntryTtlLimit is found.
4. If found, right-click and select Modify. Select Decimal under Base, change the value to the required number of seconds and click OK.
5. If not found, right-click, click New – DWORD – Name it as MaxSOACacheEntryTtlLimit.
6. Right-click the newly added value, select Decimal under Base and enter the value as required in seconds and click OK.
For the changes to take effect, Restart the DNS Client service from Control Panel – Administrative Tools – Computer Management – Services.
NegativeCacheTime
This is similar to MaxCacheEntryTtlLimit, except that it defines how long a negative answer for a domain or host is held. Once the time expires, the negative DNS cache entry is cleared. NOTE: This does not apply to SOA records.
The default value is 300 seconds (5 mins).
To set this value:
1. Click Start – RUN.
2. Type REGEDIT and press ENTER. This will open Windows Registry Editor with the Keys in the Left pane and the Values in the Right pane.
3. In the Right pane, check if the value NegativeCacheTime is found.
4. If found, right-click and select Modify. Select Decimal under Base, change the value to the required number of seconds and click OK.
5. If not found, right-click, click New – DWORD – Name it as NegativeCacheTime.
6. Right-click the newly added value, select Decimal under Base and enter the value as required in seconds and click OK.
For the changes to take effect, Restart the DNS Client service from Control Panel – Administrative Tools – Computer Management – Services.
NegativeSOACacheTime
This is similar to MaxSOACacheEntryTtlLimit, except that it defines how long a negative answer for a domain or host is held. Once the time expires, the negative DNS cache entry for the SOA record is cleared.
The default value is 120 seconds (2 mins).
To set this value:
1. Click Start – RUN.
2. Type REGEDIT and press ENTER. This will open Windows Registry Editor with the Keys in the Left pane and the Values in the Right pane.
3. In the Right pane, check if the value NegativeSOACacheTime is found.
4. If found, right-click and select Modify. Select Decimal under Base, change the value to the required number of seconds and click OK.
5. If not found, right-click, click New – DWORD – Name it as NegativeSOACacheTime.
6. Right-click the newly added value, select Decimal under Base and enter the value as required in seconds and click OK.
For the changes to take effect, Restart the DNS Client service from Control Panel – Administrative Tools – Computer Management – Services.
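The same check-and-set procedure for all six values can be scripted instead of repeated in REGEDIT. The following PowerShell is an added example, not part of the original article: the helper names Get-DnsCacheSetting and Set-DnsCacheSetting are hypothetical, and the defaults in the table are the ones stated above.

```powershell
# Added example, not from the original article. Defaults are the ones the article states.
# Get-DnsCacheSetting and Set-DnsCacheSetting are hypothetical helper names.
$DnsCacheKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'
$PageDefaults = [ordered]@{
    AdapterTimeoutCacheTime  = 120
    NetFailureCacheTime      = 30
    MaxCacheEntryTtlLimit    = 86400
    MaxSOACacheEntryTtlLimit = 300
    NegativeCacheTime        = 300
    NegativeSOACacheTime     = 120
}

function Get-DnsCacheSetting {
    # One row per value: is it present in the registry, and does it differ from the default?
    $props = Get-ItemProperty -Path $DnsCacheKey -ErrorAction SilentlyContinue
    foreach ($name in $PageDefaults.Keys) {
        $present = ($null -ne $props) -and ($props.PSObject.Properties.Name -contains $name)
        $value = if ($present) { $props.$name } else { $null }
        [pscustomobject]@{
            Name       = $name
            Present    = $present
            Seconds    = $value
            Default    = $PageDefaults[$name]
            Overridden = $present -and ($value -ne $PageDefaults[$name])
        }
    }
}

function Set-DnsCacheSetting {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][ValidateRange(0, 2147483647)][int]$Seconds
    )
    # Reject names not on the list, so a misspelt value name is never created silently.
    if (-not $PageDefaults.Contains($Name)) { throw "Unknown DNS cache value: $Name" }
    # -Force creates the DWORD if missing and overwrites it if present (steps 3 to 6).
    New-ItemProperty -Path $DnsCacheKey -Name $Name -PropertyType DWord -Value $Seconds -Force | Out-Null
}

# Usage (elevated prompt):
#   Get-DnsCacheSetting | Format-Table -AutoSize
#   Set-DnsCacheSetting -Name NegativeCacheTime -Seconds 60
#   Restart-Service -Name Dnscache   # the restart step from the article
```

Running Get-DnsCacheSetting before and after a change gives a record of which values were explicitly overridden on a machine, which is useful when a host resolves names differently from its peers.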