How to Disable Client-Side DNS Caching in Windows XP and Windows Server 2003 (318803)


The information in this article applies to:

  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows XP Professional
This article was previously published under Q318803
For a Microsoft Windows 2000 version of this article, see 245437.
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

SUMMARY

Windows contains a client-side Domain Name System (DNS) cache. The client-side DNS caching feature may generate a false impression that DNS "round robin" is not occurring from the DNS server to the Windows client computer. When you use the ping command to search for the same A-record domain name, the client may use the same IP address. This behavior is different from Microsoft operating systems earlier than Windows 2000. These operating systems do not include the client-side DNS caching feature. This article describes how to disable DNS caching.

Note This article refers to the client portion of DNS. Do not use this information for making changes to DNS servers.

MORE INFORMATION

To stop DNS caching, run either of the following commands:
  • net stop dnscache

    -or-
  • sc servername stop dnscache
To disable the DNS cache permanently in Windows, use the Service Controller tool or the Services tool to set the DNS Client service startup type to Disabled. Note that the name of the Windows DNS Client service may also appear as "Dnscache."

Note The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated.

The DNS Client service optimizes the performance of DNS name resolution by storing previously resolved names in memory. If the DNS Client service is turned off, the computer can still resolve DNS names by using the network's DNS servers.

When the Windows resolver receives a positive or negative response to a query, it adds that positive or negative response to its cache, and as a result, creates a DNS resource record. The resolver always checks the cache before querying any DNS server. If a DNS resource record is in the cache, the resolver uses the record from the cache instead of querying a server. This behavior expedites queries and decreases network traffic for DNS queries.

You can use the Ipconfig tool to view and to flush the DNS resolver cache. To view the DNS resolver cache, type ipconfig /displaydns at a command prompt. Ipconfig displays the contents of the DNS resolver cache, including the DNS resource records that are preloaded from the Hosts file and any recently queried names that were resolved by the system. After a certain time period, the resolver discards the record from the cache. The time period is specified in the Time to Live (TTL) associated with the DNS resource record. You can also flush the cache manually. After you flush the cache, the computer must query DNS servers again for any DNS resource records previously resolved by the computer. To delete the entries in the DNS resolver cache, type ipconfig /flushdns at a command prompt.

Using the Registry to Control the Caching Time

IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

The length of time for which a positive or negative response is cached depends on the values of entries in the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache\Parameters

 The TTL for positive responses is the lesser of the following values:
  • The number of seconds specified in the query response the resolver received
  • The value of the MaxCacheTtl registry setting.

Notes
  • The default TTL for positive responses is 86,400 seconds (1 day).
  • The TTL for negative responses is the number of seconds specified in the MaxNegativeCacheTtl registry setting.
  • The default TTL for negative responses is 900 seconds (15 minutes).
If you do not want negative responses to be cached, set the MaxNegativeCacheTtl registry setting to 0.

To set the caching time on a client computer:
  1. Start Registry Editor (Regedit.exe).
  2. Locate and then click the following key in the registry:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters

  3. On the Edit menu, point to New , click DWORD Value, and then add the following registry values:

    Value name: MaxCacheTtl
    Data type: REG_DWORD
    Default value: 86400 seconds
    Value data: If you lower the Maximum TTL value in the client's DNS cache to 1 second, this gives the appearance that the client-side DNS cache has been disabled.

    Value name: MaxNegativeCacheTtl
    Data type: REG_DWORD
    Default: 900 seconds
    Value data: Set the value to 0 if you do not want negative responses to be cached.

  4. Type the value that you want to use, and then click OK.
  5. Quit Registry Editor.

Subnet Prioritization

The Windows XP DNS resolver also uses Subnet Prioritization. If the resolver receives multiple IP address mappings (A resource records) from a DNS server, and some of the records have IP addresses from networks to which the computer is directly connected, the resolver places those resource records first. This behavior reduces network traffic across subnets by forcing computers to connect to network resources that are closer to them.

Although subnet prioritization does reduce network traffic across subnets, in some cases you may prefer to have the round robin feature work as described in RFC 1794. If so, you can disable the Subnet Prioritization feature on your clients by adding the PrioritizeRecordData registry entry with a value of 0 (REG_DWORD data type) in the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DnsCache\Parameters

For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

297510 How to Modify Time to Live on Domain Name System Records

286834 The DNS Client Service Does Not Revert to Using the First Server

For more information, see the Windows 2000 DNS white paper. To view this paper, visit either of the following Microsoft Web sites: For more information, see the Microsoft Windows XP Professional Resource Kit Documentation, chapter "DNS Caching, Network Prioritization, and Security."
Modification Type:MinorLast Reviewed:12/9/2005
Keywords:kbnetwork kbhowto kbinfo KB318803
©2004 Microsoft Corporation. All rights reserved.