cached lookups

[Auddog]

What is the cached lookups in the DNS tree? Are these lookups necessary? I
currently have only one .(root) in mine, is this safe to delete? I don't
remember seeing these types of items before in my DNS server, but my network
seems to be slowing down later in the day. Just wondering.

A

 

[Herb Martin]

What is the cached lookups in the DNS tree?

Whenever a DNS server looks up a record, it caches (or remembers)
that lookup result for a period of time (TTL or Time To Live) which
is actually SET by the authoritative server (the one which owns the
record.)

Are these lookups necessary?

Technically no, but practically they are important for efficiency.

I currently have only one .(root) in mine, is this safe to delete?

Yes, but do not do that EXCEPT when you have "bad" records
in there and need to clear the cache.

Don't mess with it unless you KNOW there is a specific problem.

I don't remember seeing these types of items before in my DNS server, but
my network seems to be slowing down later in the day. Just wondering.

Deleting the cache would typically make it slower if anything, but
perhaps not enough you would notice for certain.

Something else is going on for the slowness.

 

[ObiWan [MVP]]

Technically no, but practically they are important for efficiency.

<snip>

just to add my 2 cents; let's say your DNS server needs to lookup
the address for www.microsoft.com and let's also say that the DNS
has just been started and its cache it totally empty; all the DNS knows
are the addresses of the root servers; here's what the DNS will do:

check if the cache contains any information about the query, since
as we wrote the cache is empty, it won't find any information

go to the root servers (aka root hints), pick one of the server and
asks it the address of www.microsoft.com the root server knows
nothing about the full requested name but knows that the "com"
TLD is served by the "gTLD" DNS servers, so it returns the list
of addresses for those servers

so your DNS server goes on, picks one of the addresses of the
gTLD servers and asks it the address for www.microsoft.com
the gTLD server doesn't know about www but knows that the
microsoft.com domain is handled by the microsoft.com DNS
servers, so returns the list of those DNS servers

again, your DNS goes on, picks one of the addresses of the
microsoft.com DNS servers and asks for the address of
www.microsoft.com this time the DNS queried is authoritative
for the domain and returns the requested information

now, keep in mind that your DNS will cache each answer it
receives; so now the cache will contain informations about
the gTLD servers and the microsoft.com servers (and some
more infos); at this point let's say the DNS receives a query
for the address of ftp.microsoft.com; it will repeat the above
process, but this time it will find something inside the cache;
while it won't find the requested infos, it will find the addresses
for the microsoft.com DNS servers, so instead of performing
all the above "trip" the DNS will directly go to one of the MS
DNS servers and ask it for the address of ftp.microsoft.com
and ... will receive the needed answer; to make another
example; let's say now you ask your DNS to resolve the
address for www.cisco.com

The DNS knows nothing about "cisco" but it knows that the
"com" TLD is handled by the gTLD servers (see above) so
it will go there, from there to the "cisco.com" DNS servers
and at this point will receive the answer

as you see caching is important to speed up things and to
avoid overloading the external servers with unneeded
queries; by the way, I oversimplified the above; we should
also consider TTL and other stuff, but I hope the above may
help understanding how the DNS works and why caching
infos is important

HTH


--

* ObiWan

Microsoft MVP: Windows Server - Networking
http://www.microsoft.com/communities/MVP/MVP.mspx
http://italy.mvps.org