Dns Cache -- Thanks for any help

[Joe Hardin]

The setup:

1. Win2K dns servers with forwarding enabled.
2. Win2K Pro and XP Pro workstations.
3. T-1 internet connection.

When a workstation cannot resolve a browser request and the request is sent
to the local dns server and it cannot locally resolve but must forward the
request to the internet, does the local Win 2K server cache the results from
the remote internet dns server that was used as a forwarder?

Without editing the registry, is there a "more safe" method of increasing
the size of the Win 2K server's dns cache?

I'm considering any and everyway to speed up the internet browsing as you
can tell.

Thanks for everyone's comments,

Joe Hardin
Taylorsville, MS

(e-mail address removed)

 

[Herb Martin]

The setup:

1. Win2K dns servers with forwarding enabled.
2. Win2K Pro and XP Pro workstations.
3. T-1 internet connection.

When a workstation cannot resolve a browser request and the request is sent
to the local dns server and it cannot locally resolve but must forward the
request to the internet, does the local Win 2K server cache the results from
the remote internet dns server that was used as a forwarder?

Yes. (if it caches at all which is the expect default.)

Without editing the registry, is there a "more safe" method of increasing
the size of the Win 2K server's dns cache?

I will bet it is already bigger than you need.
What makes you think it is full? Generally it is
TIME sensitive rather than size restricted.

Win2000+ stations also cache locally.

I'm considering any and everyway to speed up the internet browsing as you
can tell.

ISA is your friend.

To where do your internal DNS server forward?

You might help slightly if you forward to your gateway/
firewall and let it forward to the ISP DNS rather than
direct.

 

[Joe Hardin]

Herb,

Thanks for your comments. The intranet dns servers are caching, but I only
see via ipconfig /displaydns cache entries for the other intranet servers
that they are replicating with. When I look in the cache on my XP
workstation, I see locations of sites I have browsed to. What I now wonder
about, is why are the locations I have browsed to, cached on the intranet
server dns for other intranet clients to use?

I also understand what you are saying about allowing the firewall to
forward, but our firewall manufacturer says that can be problematic at times
so we disabled that function not long after the firewall installation. By
doing so, browsing speed increased.

Any additional comments or help is appreciated. I would really like for
more items to be cached on the servers so they would be available for other
clients.

Thanks,

Joe
(e-mail address removed)

 

[Herb Martin]

Herb,

Thanks for your comments. The intranet dns servers are caching, but I only
see via ipconfig /displaydns cache entries for the other intranet servers
that they are replicating with.

IPConfig /displayDNS is strictly a CLIENT DNS
function. It has nothing to do with the DNS server
(as a server).

In fact, it should generally be disabled on a DNS
server by stopping the "DNS Client" service.

When I look in the cache on my XP
workstation, I see locations of sites I have browsed to. What I now wonder
about, is why are the locations I have browsed to, cached on the intranet
server dns for other intranet clients to use?

Yes, because the XP clients are DNS clients and
caching their own resolutions -- the DNS server
is probably not browsing the Internet (as a client
of HTTP, NOR of DNS for very much.)

I also understand what you are saying about allowing the firewall to
forward, but our firewall manufacturer says that can be problematic at times
so we disabled that function not long after the firewall installation. By
doing so, browsing speed increased.

Problematic at times?

Are they saying their firewall DNS server is buggy?

Replace it with one that works if this is an issue
for you.

Any additional comments or help is appreciated. I would really like for
more items to be cached on the servers so they would be available for other
clients.

ISA or another Proxy server will offer more performance
benefits for most people. (You can also run a caching DNS
server on that machine which is what I do.)

 

[Ace Fekay [MVP]]

In Joe Hardin <[email protected]> made a post then I commented below
:: Herb,
::
:: Thanks for your comments. The intranet dns servers are caching, but
:: I only see via ipconfig /displaydns cache entries for the other
:: intranet servers that they are replicating with. When I look in the
:: cache on my XP workstation, I see locations of sites I have browsed
:: to. What I now wonder about, is why are the locations I have
:: browsed to, cached on the intranet server dns for other intranet
:: clients to use?
::
:: I also understand what you are saying about allowing the firewall to
:: forward, but our firewall manufacturer says that can be problematic
:: at times so we disabled that function not long after the firewall
:: installation. By doing so, browsing speed increased.
::
:: Any additional comments or help is appreciated. I would really like
:: for more items to be cached on the servers so they would be
:: available for other clients.
::
:: Thanks,
::
:: Joe


As Herb mentioned, adjusting the cache size is not going to help. It's large
as it is. ISA or some other form of proxy will help speed up Internet
"browsing" for web browsers.

I'm not sure what you mean by browsing being "slow". Maybe you can elaborate
on that.

Is the initial connection slow?
Once the site is connected, does it take long to display the page?

As Herb also said, looking at the client cache has nothign to do with the
server's DNS cache. That is viewed by putting the view options to Advanced
to see the cached lookups in the DNS console. Keep in mind, ipconfig
/displaydns on a DNS server does NOT show the DNS service cache, just it's
DNS client side service, which every machine has for it's own lookups. The
DNS service cache is independent of that.

You can use NetDIG found (free) at www.mvptools.com. Do some queries to some
web addresses and it will display the speed of the query in milliseconds.
Try different DNS servers. If you find a faster one, use that as a
forwarder, as long as the "RA" (Recursion Available, which is the answer to
RD - Recursion Desired), bit is turned on. You can see that in the output.

Ace

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Without editing the registry, is there a "more safe"
method of increasing the size of the Win 2K server's dns
cache?

Win2k DNS server does not control the size of the DNS cache. The DNS server
cache is controlled by the Time To Live of the cached records, up to the
maximum cached Ttl of the DNS server. Default MaxCacheTtl is 1 day (no
registry value) on MS DNS and most records, except maybe NS records, have a
Ttl of less than one day so increasing the Maximum cache time generally only
affects cached NS records. In fact I have found that most A and Cname
records have a TTl of 1 hour or less.

That said, there is no way of changing the MaxCacheTtl of the DNS service
without editing the registry, although you can change or add the MaxCacheTtl
of the DNS server with dnscmd.
813964 - Description of DNS registry entries in Windows 2000 Server, part 2
of 3:
http://support.microsoft.com/default.aspx?kbid=813964

 

[Herb Martin]

That said, there is no way of changing the MaxCacheTtl of the DNS service

without editing the registry, although you can change or add the MaxCacheTtl
of the DNS server with dnscmd.

Even then, the server will NOT cache longer than
the AUTHORITATIVE (owning) DNS server provides
on the TTL of the response.

Max is what it says, the max for any record.

 

[Andrew Hodgson]

The setup:

1. Win2K dns servers with forwarding enabled.
2. Win2K Pro and XP Pro workstations.
3. T-1 internet connection.

To where does the DNS servers forward queries to?

When a workstation cannot resolve a browser request and the request is sent
to the local dns server and it cannot locally resolve but must forward the
request to the internet, does the local Win 2K server cache the results from
the remote internet dns server that was used as a forwarder?

Yes by default.

Without editing the registry, is there a "more safe" method of increasing
the size of the Win 2K server's dns cache?

Its already big enough for most uses. The cache by default goes on
the TTL value for records, as this is usually set by someone who knows
how long that record will be in use for. For example, in my setup,
DNS records for hodgsonfamily.org I have been asked to be cached for
at maximum 1 day (86400 seconds), as the information there doesn't
change much, but in some instances this needs bringing down to five
minutes or less, due to the changing nature of the data.

I'm considering any and everyway to speed up the internet browsing as you
can tell.

Don't look towards DNS - there may be more effective ways:

- Install Proxy server on the LAN which caches pages;
- Have a firewall or another DNS server which gets data from root
hints, also having a cache (I have found that in my setup this has
worked great).

Hope this helps,
Andrew.

 

[Andrew Hodgson]

Herb,

Thanks for your comments. The intranet dns servers are caching, but I only
see via ipconfig /displaydns cache entries for the other intranet servers
that they are replicating with. When I look in the cache on my XP
workstation, I see locations of sites I have browsed to. What I now wonder
about, is why are the locations I have browsed to, cached on the intranet
server dns for other intranet clients to use?

This is because the command you are using, will not look at the _DNS
Server_ cache, but the _DNS client_ cache, which are quite different.
That is what I would expect to see using that command on a standard
server setup, as usually that server is not going to many sites etc,
not like a typical workstation, which may browse through several sites
an hour.

I also understand what you are saying about allowing the firewall to
forward, but our firewall manufacturer says that can be problematic at times
so we disabled that function not long after the firewall installation. By
doing so, browsing speed increased.

Which firewall is this?

Andrew.

 

[Jonathan de Boyne Pollard]

I'm considering any and everyway to speed up the internet [sic] browsing as you can tell.




What makes you think that DNS service is the bottleneck (rather than, say, repeated HTTP fetches of the same object or simple web page bloat)?  Have you made any measurements at all?  Profile; don't speculate.