TechiWarehouse.Com


Top 3 Products & Services

1.
2.
3.

Dated: Aug. 16, 2004

Related Categories

Windows XP
Computer Beginners Guides
Networking In General
Microsoft Internet Explorer

By Vic Laurie

To help speed up Web browsing, Windows XP comes with a local cache containing any DNS addresses that have been looked up recently. Once an URL has been resolved by an Internet name server into a numerical IP, the information is stored locally. Anytime your browser requests an URL, Windows XP first looks in the local cache to see if it is there before querying the external name server used by your ISP. If it finds the resolved URL locally it uses that IP. This is supposed to save time and cut down on Web traffic.

Problems

The default time period for keeping an address in the cache is 24 hours. Thus, a problem can arise if the IP for an URL changes before the 24 hour period is up. In this case an error message will result if you try to connect to the URL. It is not a frequent occurrence but is not unknown. Another more common problem can arise from URLs that are temporarily busy or from congested Internet traffic. If a negative response is received from an attempt to connect, that result is also kept in the local cache. The default time period for retaining a negative response is five minutes. In other words, once a negative response is received you will not be able to connect to the site for at least five more minutes. Since temporary congestion lasting a few seconds is often the cause of a momentary inability to connect to a site, this delay of five minutes can be a nuisance.

DNS Resolver Cache

Clear the DNS Resolver Cache

Fortunately, it is possible to clear out the local DNS cache in order to get around these types of problems. Windows XP comes with a useful command-line utility, ipconfig, which has a switch, flushdns, for removing the entries in the cache. Open a command prompt and enter "ipconfig /flushdns" (without quotes) and the cache will emptied. Personally, I find that it sometimes speeds up Internet browsing to do this flush even when there are no obvious error messages. If you are curious about the contents of the DNS cache, they can also be seen by using ipconfig. In this case open a command prompt and enter "ipconfig /displaydns". If you are experiencing trouble connecting to a particular Web site, it may be useful to see if its URL is in the cache and what IP is being used.

Configure the DNS Resolver Cache

A way to minimize problems from the long default wait times that are used for holding data in the DNS cache is to reduce the times (known as Time to Live or TTL). This requires a Registry edit so should be done only by those who know how to restore their Registry. The Registry key that is involved is

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache\Parameters

The binary entry MaxCacheEntryTtlLimit can be used to control how long positive responses are kept. Values are in seconds and the default value in the absence of an entry (the usual case) is 86,400 seconds or one day. If you wish to shorten the TTL, create the entry and enter your preferred time in seconds. Most PC users will probably not gain much this way, however.

Negative responses are another story. I often encounter Web sites that do not respond immediately but which are available after a short wait and a retry. A wait of five minutes would be neither convenient nor necessary. I see no reason to store negative responses in the DNS cache and I have tweaked my own Registry to prevent them from being entered. In this case create a binary entry for the above Registry key and name it NegativeCacheTime. Set the value to "0" (zero). If you prefer to keep the negative responses, but with a shorter TTL, enter the appropriate number of seconds. The default TTL is 300 seconds.

Defend Against Responses from Non-Queried Servers

If its settings are left alone, the DNS cache will also accept responses from servers that it never queried. In other words, Web sites that you never tried to reach could send a message looking like a response and it would be stored in the cache. This is a security hole that might allow unauthorized DNS servers to send invalid information for the purpose of misdirecting subsequent DNS queries.

Again a Registry edit is called for. To disable responses from sites that you never asked for, create a DWORD entry named QueryIpMatching . Put it in the same Registry key above and give it a value of 1.

Now that you've gotten free know-how on this topic, try to grow your skills even faster with online video training. Then finally, put these skills to the test and make a name for yourself by offering these skills to others by becoming a freelancer. There are literally 2000+ new projects that are posted every single freakin' day, no lie!


Previous Article
Next Article


Doby Eze's Comment
i need it!!!
06 Sun Jan 2013
Admin's Reply:

And now you have it Doby




lordoxford's Comment
I, too have a set of dodgy URLs left in the cache after flushing. Could some hidden malware be "Re-filling the cache?
05 Wed Dec 2012
Admin's Reply:

Could be, I would scan the computer thoroughly if things are getting auto-populated.




Joe T.'s Comment
Hello, I have a question: wouldn't it be better to have the local pc save the dns info for even longer than a day, maybe a week? Especially if you go to the same sites frequently? How often do websites change their ip addresses? Setting the negatives to "0" would also help. Thanks.
10 Wed Aug 2011
Admin's Reply:

 well Joe you have to search for more details. I ll look into for more information as well. let me know what do you got so that we can post our findings on the site for future.




Jasper's Comment
Nice stuff this. Understandable for everyone, keep it up!
02 Tue Aug 2011
Admin's Reply:

I will do my best jasper :)




dell desktops's Comment
I really liked your blog quite informative and interesting facts and figures you have discussed on your blog even the comments are very fruitful and helpful in enhancing the knowledge regarding the topic.
29 Fri Apr 2011
Admin's Reply:

you're welcome
 




ray randall's Comment
using ipconfif /flushdns is not emptying it, anmd the content is really dubiouse ie ''sexmultis.info'' there are 18 weird sites listed...help
11 Fri Mar 2011
Admin's Reply:

hmm, anyone here that can help?




Joro's Comment
http://acolytesonline.com/register/ i can logg here admins say me that my DNS is cached and i have to write on cmd console Ipconfig/flushdns but i write them show that "RESOLVED CATCHE is ready or somethink like that" and nothink i cant open sait still..
19 Tue Oct 2010
Admin's Reply:



Howsun Ding's Comment
It still make the grinding noise for me? Please advise.
22 Mon Mar 2010
Admin's Reply:

i can help but you need to brief your problem




shapna's Comment
this web site has been informative and helpful in the level of language and detail described.
11 Thu Feb 2010
Admin's Reply:

I'm glad to know it's helpful Shapna. And your comment is just as helpful to me.




Dick's Comment
I understand. But I have a Mac and I'm not sure this helps.
07 Sun Feb 2010
Admin's Reply:

I think it applies to Mac as well as Windows