View Single Post
  #34  
Old January 2nd 18, 03:37 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Windows DNS cache

Mayayana wrote:
"Brian Gregory" wrote

| I was wondering what all this talk was of Windows
| DNS Cache. I'd never heard of it. It should be clarified
| that "Windows DNS Cache" is actually the DNS Client
| service. It doesn't need to be enabled at all for most
| people. It's possible that people on a network with
| Active Directory may need it. I'm not familiar with
| that. I suspect they don't and that it will only save
| on a few intranet calls.
| I've had DNS Client disabled for years and see no
| reason to enable it.
|
| You don't need it if you LAN has it's own DNS cache but I guess it might
| be worth saving the 12MB of RAM it uses to save doing unnecessary DNS
| lookups over the Internet.
|
?? This post was close to 2 years old.

I don't have a LAN. I don't allow sharing with other
computers for security reasons.


There are a couple possibilities.

RJ11 +----------------------------------+ RJ45 Eth +-------------
---| ADSL Modem alone or |-----------| Single PC
| ADSL Modem/Router in Bridged Mode| PPPOE | Enter user/pass for PPPOE in a windows dialog.
+----------------------------------+ | (Older Windows don't have PPPOE, but do have PPP dialup)
| Windows Firewall, *only protection*
| Can be port scanned for fun and profit.
| This is the dumb option, almost like DMZ.
+-------------
or you could have the more normal setup

RJ11 +----------------------------------+ RJ45 Eth +-------------
---| ADSL Modem/Router in Routed Mode |-----------| Single PC
| (ISP default, terminates PPPOE| | "Normal" | No password in this box, for network
| You put user/pass inside this box| | Windows Firewall optional for IPV4
| IPV4 offers NAT | | Windows Firewall likely useful for IPV6.
| IPV6 is security by obscurity | +-------------
+----------------------------------+

You can buy single port routers, such as the BEFSR41 years ago.
It had one WAN port and one LAN port. A single port router
translates between 192.168.0.2 LAN to whatever DHCP WAN address
the ISP gives you on PPPOE login. The "ipconfig" command
can give you some idea, just how bonkers your setup is :-)

In the first picture, your "ipconfig" local address is
an internet address, like 71.123.100.32.

In the second picture, since routing and local DHCP are
in usage, your local address could be 10.x.x.x or 192.168.x.x
and so on. The second picture offers some protection for IPV4.
Depending on how addresses are allocated (apparently there's
more than one way to do it), link local addresses
on IPV6 number 4 billion. So if someone wants to scan you,
it would take a while just based on IP address alone.

Google bought a block of 2^96 IPV6 addresses, leaving 2^64
to address homes, and 2^32 inside each home for IoT etc.
I'm still not using IPV6, and have little interest in it
(it generally sucks for things I care about). It would
be a nightmare to monitor, just to read and translate
what the hell the addresses mean. When the day
comes that I need to switch, I'm going to have to hire
a "network guy" :-( Just so I don't get it wrong.

Paul
Ads