Don't cache 'negative' DNS lookups on Windows systems

This one is a little bit esoteric. Scenario:

  1. You try to connect to somesystem.yourdomain.com and fail - the name cannot be looked up.
  2. You discover that the DNS record is missing in your DNS server, and you fix it by adding the correct record.
  3. ... but you still can't connect to somesystem.yourdomain.com from your workstation!
What's happening here is that your system has cached a 'negative lookup'. Your local DNS cache basically doesn't think the DNS name exists - and it will go on thinking that until the cached entry expires.

Here is an example:
C:\Tools>ipconfig /displaydns

Windows IP Configuration
1.0.0.127.in-addr.arpa
----------------------------------------
Record Name . . . . . : 1.0.0.127.in-addr.arpa.
Record Type . . . . . : 12
Time To Live . . . . : 0
Data Length . . . . . : 4
Section . . . . . . . : Answer
PTR Record . . . . . : localhost

nosuchmachine.cojones.org
----------------------------------------
Name does not exist.

adminfoo.net
----------------------------------------
Record Name . . . . . : adminfoo.net
Record Type . . . . . : 1
Time To Live . . . . : 308
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 67.15.36.7

localhost
----------------------------------------
Record Name . . . . . : localhost
Record Type . . . . . : 1
Time To Live . . . . : 0
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1

Here we see that the machine nosuchmachine.cojones.org was looked up, and found to be nonexistent. Now, even if I go and create a DNS record for nosuchmachine, my host will not resolve that name until the 'negative result' entry is flushed from my cache. I can manually flush it with an ipconfig /flushdns command.
Or I could put the following registry entries into my system:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
"NegativeCacheTime"=dword:00000000
"NetFailureCacheTime"=dword:00000000
"NegativeSOACacheTime"=dword:00000000


Essentially this will tell my system to never cache 'negative lookups'.

source:adminfoo

What's on Your Mind...

Thank f' u C0mment