A Windows XP help forum. PCbanter

Windows DNS cache (was: Why does Firefox not respect the HOSTS file in Windows)
  #1  
Old July 2nd 16, 09:31 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
J. P. Gilliver (John)
Windows DNS cache (was: Why does Firefox not respect the HOSTS file in Windows)

In message , Char Jackson writes:
[]
> You can view the Windows DNS cache with the following command:
>
> ipconfig /displaydns

Thanks, interesting.

> By repeatedly running the following command, which simply pulls out the Time
> To Live (TTL) values for easier visibility, you can see the TTL starting
> values as well as seeing the TTL count down toward zero. When it hits zero,
> the DNS entry is removed from the cache.
>
> ipconfig /displaydns | find "Time To Live"
>
> Lastly, for testing purposes, you can clear the Windows DNS cache with the
> following command:
>
> ipconfig /flushdns
>
> There are no ill effects as a result of clearing the cache. It simply
> rebuilds over time, as necessary.

I did it, and (I'm running XP) it said

Successfully flushed the DNS Resolver Cache.

I then did ipconfig /displaydns | find "Time To Live" again, and it
looked to still have the same number of lines; doing it without the pipe
to "find" (piping to "more" instead) looks the same, too.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Don't hit the keys so hard, it hurts.
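The `find "Time To Live"` pipe above only shows the raw numbers; to see which entry each TTL belongs to and watch it count down between two runs, you need to parse the record blocks that `ipconfig /displaydns` prints. The following Python is an added example for this thread, not code from any poster or from Windows. The two snapshots are constructed to follow the record layout `ipconfig /displaydns` prints (hostnames, addresses and TTL values are made up); on a real machine you would feed the parser the captured stdout of that command instead.

```python
"""Parse `ipconfig /displaydns` output and watch the cached TTLs count down.

Added example, not code from the thread or from Windows. The snapshots are
constructed to follow the command's record layout; all values are made up.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed snapshot at t0: two positive A records and one negative entry.
SNAPSHOT_T0 = """\
Windows IP Configuration

    www.example.com
    ----------------------------------------
    Record Name . . . . . : www.example.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 3600
    Data Length . . . . . : 4
    A (Host) Record . . . : 192.0.2.10


    nosuchhost.example.net
    ----------------------------------------
    Name does not exist.


    cdn.example.org
    ----------------------------------------
    Record Name . . . . . : cdn.example.org
    Record Type . . . . . : 1
    Time To Live  . . . . : 45
    Data Length . . . . . : 4
    A (Host) Record . . . : 203.0.113.5
"""

# Constructed snapshot 60 s later: TTLs have decremented and the 45-second
# cdn.example.org entry has reached zero and been evicted.
SNAPSHOT_T1 = """\
Windows IP Configuration

    www.example.com
    ----------------------------------------
    Record Name . . . . . : www.example.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 3540
    Data Length . . . . . : 4
    A (Host) Record . . . : 192.0.2.10


    nosuchhost.example.net
    ----------------------------------------
    Name does not exist.
"""


@dataclass
class CacheEntry:
    name: str
    ttl: Optional[int]    # seconds left; None for a negative entry
    data: Optional[str]   # record data, e.g. the A record's address
    negative: bool        # True when the cache holds "Name does not exist."


def parse_displaydns(text: str) -> Dict[str, CacheEntry]:
    """Return the cache entries keyed by lower-cased name."""
    entries: Dict[str, CacheEntry] = {}
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        # An entry begins with an indented name line followed by a dashed rule.
        if lines[i].strip() and i + 1 < len(lines) and lines[i + 1].strip().startswith("----"):
            name = lines[i].strip().lower()
            ttl = data = None
            negative = False
            i += 2
            # Field lines run until the blank line that separates entries.
            while i < len(lines) and lines[i].strip():
                body = lines[i].strip()
                if body.startswith("Name does not exist"):
                    negative = True
                elif ":" in body:
                    key, value = body.split(":", 1)            # split on the first colon only (IPv6 data has more)
                    key = key.replace(".", "").strip().lower()  # "Time To Live  . . . ." -> "time to live"
                    value = value.strip()
                    if key == "time to live":
                        ttl = int(value)
                    elif key.endswith("record") and not key.startswith("record"):
                        data = value                            # "A (Host) Record", "CNAME Record", ...
                i += 1
            entries[name] = CacheEntry(name, ttl, data, negative)
        else:
            i += 1
    return entries


def ttl_countdown(before: Dict[str, CacheEntry],
                  after: Dict[str, CacheEntry]) -> Dict[str, Tuple[Optional[int], Optional[int]]]:
    """Pair each positive entry's TTL in `before` with its TTL in `after`
    (None when the entry expired and was dropped between the two runs)."""
    report = {}
    for name, entry in before.items():
        if entry.negative:
            continue
        later = after.get(name)
        report[name] = (entry.ttl, later.ttl if later and not later.negative else None)
    return report


if __name__ == "__main__":
    t0, t1 = parse_displaydns(SNAPSHOT_T0), parse_displaydns(SNAPSHOT_T1)
    for name, (ttl_before, ttl_after) in sorted(ttl_countdown(t0, t1).items()):
        print(f"{name:25} {ttl_before:>6} -> {ttl_after if ttl_after is not None else 'evicted'}")
```

Run it twice on a live machine with a pause in between and the second column shows the decrement the post describes; a name present in the first run and absent in the second has hit zero. Negative entries ("Name does not exist.") are parsed too, since they are the ones the later posts discuss capping.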
  #2  
Old July 2nd 16, 10:47 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
VanguardLH[_2_]
Windows DNS cache

J. P. Gilliver (John) wrote:

> I did it, and (I'm running XP) it said
>
> Successfully flushed the DNS Resolver Cache.
>
> I then did ipconfig /displaydns | find "Time To Live" again, and it
> looked to still have the same number of lines; doing it without the pipe
> to "find" (piping to "more" instead) looks the same, too.


Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache\Parameters

Data: MaxCacheEntryTtlLimit (DWORD)
Default value is 86,400 seconds (1 day)
How long a positive DNS query remains locally cached.

Data: NegativeCacheTime value (DWORD)
Default value is 300 seconds.
How long a negative DNS query (failure) remains cached.

Defaults get used if the registry entry is not defined. Setting
MaxCacheEntryTtlLimit to 1 effectively disables the local DNS cache (TTL
is only 1 second). This is what Microsoft recommends. Don't know what
happens if you set it to 0 (sometimes endpoints in a range have special
meaning so maybe 0 means indefinite caching time). You could also
disable the "DNS Client" service (stop and set to Disable startup mode)
and then also flush the current cache contents. Of course, that means
if a web page has hundreds of hostnames all of which need to be resolved
(they are absolutely pathed to the same or different domain versus
relatively pathed to the same host) then you will be making a lot more DNS
requests outside your host to whatever DNS server you use.

Firefox has its own internal DNS cache. To disable it, set
network.dnsCacheExpiration to 0 (zero) - which means you would use
Windows local DNS cache unless that was also disabled which means you
would also issue DNS requests to an outside DNS server for every
non-relatively pathed resource in a web page (which could be scripts,
CSS, and other non-ad/tracking resources).

Note: Just because an old setting is still listed in about:config does
not mean Firefox still honors it. I've read contradicting articles
dated July 2016 claiming that a "new version" (not mentioned) has
Firefox using the local DNS cache in the OS. In FF 47.0.1, the
about:cache page is still defined (and mine shows non-zero values), so
maybe some near-future version is going to drop the internal DNS cache.

  #3  
Old July 4th 16, 03:12 PM posted to alt.windows7.general,microsoft.public.windowsxp.general
Char Jackson
Windows DNS cache (was: Why does Firefox not respect the HOSTS file in Windows)

On Sat, 2 Jul 2016 09:31:22 +0100, "J. P. Gilliver (John)" wrote:

> In message , Char Jackson writes:
> []
>> You can view the Windows DNS cache with the following command:
>>
>> ipconfig /displaydns
>
> Thanks, interesting.
>
>> By repeatedly running the following command, which simply pulls out the Time
>> To Live (TTL) values for easier visibility, you can see the TTL starting
>> values as well as seeing the TTL count down toward zero. When it hits zero,
>> the DNS entry is removed from the cache.
>>
>> ipconfig /displaydns | find "Time To Live"
>>
>> Lastly, for testing purposes, you can clear the Windows DNS cache with the
>> following command:
>>
>> ipconfig /flushdns
>>
>> There are no ill effects as a result of clearing the cache. It simply
>> rebuilds over time, as necessary.
>
> I did it, and (I'm running XP) it said
>
> Successfully flushed the DNS Resolver Cache.
>
> I then did ipconfig /displaydns | find "Time To Live" again, and it
> looked to still have the same number of lines; doing it without the pipe
> to "find" (piping to "more" instead) looks the same, too.



The primary intent of that command string was to highlight the TTL of the
various cache entries and to illustrate how the TTL decrements to zero,
followed by the cache entry being removed. Having said that, if there are
cache entries that are simply waiting to time out (not corresponding to any
current network activity, for example), then a flush should clear them and
they won't immediately reappear. However, if you have current network
activity, then clearing the cache might indeed appear to be very temporary.
I'd expect to see a refresh of the TTL, though. The command string above
would highlight that.

--

Char Jackson
  #4  
Old July 4th 16, 03:38 PM posted to alt.windows7.general,microsoft.public.windowsxp.general
Mayayana
Windows DNS cache (was: Why does Firefox not respect the HOSTS file in Windows)

| You can view the Windows DNS cache with the following command:
|
| ipconfig /displaydns
|
| Thanks, interesting.
......
| I did it, and (I'm running XP) it said
|
| Successfully flushed the DNS Resolver Cache.
|

I was wondering what all this talk was of Windows
DNS Cache. I'd never heard of it. It should be clarified
that "Windows DNS Cache" is actually the DNS Client
service. It doesn't need to be enabled at all for most
people. It's possible that people on a network with
Active Directory may need it. I'm not familiar with
that. I suspect they don't and that it will only save
on a few intranet calls.
I've had DNS Client disabled for years and see no
reason to enable it.


  #5  
Old January 1st 18, 03:30 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Brian Gregory
Windows DNS cache

On 04/07/2016 15:38, Mayayana wrote:
> | You can view the Windows DNS cache with the following command:
> |
> | ipconfig /displaydns
> |
> | Thanks, interesting.
> .....
> | I did it, and (I'm running XP) it said
> |
> | Successfully flushed the DNS Resolver Cache.
> |
>
> I was wondering what all this talk was of Windows
> DNS Cache. I'd never heard of it. It should be clarified
> that "Windows DNS Cache" is actually the DNS Client
> service. It doesn't need to be enabled at all for most
> people. It's possible that people on a network with
> Active Directory may need it. I'm not familiar with
> that. I suspect they don't and that it will only save
> on a few intranet calls.
> I've had DNS Client disabled for years and see no
> reason to enable it.



You don't need it if your LAN has its own DNS cache but I guess it might
be worth saving the 12MB of RAM it uses to save doing unnecessary DNS
lookups over the Internet.

--

Brian Gregory (in the UK).
To email me please remove all the letter vee from my email address.
  #6  
Old January 1st 18, 04:38 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
VanguardLH[_2_]
Windows DNS cache

Brian Gregory wrote:

Note: I'm not going to reconstruct the attribution lines that Mayayana
discards in his replies. So I only quote Brian's post in my reply in
this subthread.

> You don't need it if your LAN has its own DNS cache but I guess it might
> be worth saving the 12MB of RAM it uses to save doing unnecessary DNS
> lookups over the Internet.


Pages nowadays have resources across many and far flung sites. The
content of a page can have ad resources on CDNs (content delivery
networks), scripts on tertiary domains (same or different owner than the
visited domain), CSS files on other servers, etc. All those resources
require DNS lookups. With some pages having hundreds of externally
linked resources, there can be hundreds of such DNS requests in just one
page. Rarely do sites use IP addresses for their external resources.
Some resources may be relatively pathed (i.e., under the same domain as
visited) but many sites incorporate off-site or external resources.

Having a local cache to shortcut the DNS lookups by finding the IP
address for a previously visited site will speed up all those DNS
lookups. The positive lookups (those that succeeded) are cached for
only a day, by default. The negative lookups (those that failed) are
cached for only 4 hours, by default. Registry entries can be used to
alter those retention intervals. If the local DNS caching client is
disabled, ALL those hostnames (even those on the same domain) will have
to get looked up by issuing DNS requests out to the network, out to the
Internet, to the specified DNS server (which the user can specify or use
the one assigned to them by whatever upstream DHCP server they use which
is often their ISP's). All that DNS network traffic takes time.

The time for hundreds of DNS lookup requests and waiting to get back a
response (the IP address for the external resources on a page) is very
short. Whether you use a DNS caching client or not, speeding that up
will not alter the time it takes for those external resources to deliver
their content for that page. That's why many users use adblockers to
eliminate the time to download the unwanted content.

You can use GRC's DNSbench to see what are the request and acknowledge
times for DNS lookup requests. Different DNS servers will have differing
response times, and that includes the hops between your endpoint and the
targeted DNS server.

https://www.grc.com/dns/benchmark.htm

I would suggest editing their install-time list of DNS servers as there
are *many* that are of no use to you or will never be considered for
use. This tool will also indicate which servers will redirect failed
lookups to their "help" redirection site (for which they get
clickthrough revenue) and which will break some webcentric apps that
actually expect a negative (failed) DNS lookup to return a code rather
than a success code when reaching their redirection page. Some DNS
servers include some filtering, like eliminating or blocking known
malicious sites (but there are always a few false positives in those
blacklists). For me, I configured the IP protocols on my PC to use the
following DNS servers in the following order: Google DNS (8.8.8.8 and
2001:4860:4860::8888), OpenDNS (208.67.222.222 and 2620:0:ccc::2), and
my router's internal DNS server (10.0.0.1 and 0:0:0:0:0:ffff:a00:1).
This is the preference or fallback order: first to last.

OpenDNS includes a malicious site filter that you cannot disable (unless
you enlist as a reporter with them). However, I found them (according
to DNSbench) to be a tad slower overall than Google's. My router's
internal DNS server is not really a server. It is a transparent proxy
that merely passes all DNS requests up to its upstream DNS filter. The
router is configured to use DHCP which means the router will use my
ISP's DNS server; however, that is only used if the prior DNS servers
listed in preference order are unreachable (fallback order uses the
router last). Remember to do the static DNS server config for both IPv4
and IPv6 addressing.

The only time it is recommended to disable the DNS Client server (the
local DNS cache) is when using pre-compiled and HUGE 'hosts' files. The
'hosts' file entries are used before using the local DNS cache. In
9x-based Windows, it was noticed the DNS Client could add overhead to
using a huge 'hosts' file (I'm talking about the thousands of entries in
the 'hosts' file versus the few to a couple hundred for which that text
file opened on every DNS lookup and read sequentially line by line was
designed for). However, those huge pre-compiled 'hosts' files (used for
ad and tracking blocking) add more overhead than does the DNS Client's
caching. Those pre-compiled 'hosts' files are huge. The one from MVPS
is over *14 THOUSAND* lines long. The 'hosts' file is not cached into
memory. It is opened (file I/O API system call) and read one line at a
time to sequentially scan the text file for a matching entry on a
hostname. It only works on hostnames, not domains, and why there are
dozens and dozens of entries for just one resource (e.g., 117 for
doubleclick in the MVPS pre-compiled 'hosts' file).

I don't believe the DNS Client has incurred overhead on a prior 'hosts'
success lookup for a long time in NT-based Windows. As with any
process, the DNS Client service will consume resources (CPU and RAM) but
it's been awhile since users are still using such ancient processors
with tiny system RAM and a slow data bus on the mobo. However, the user
might wish to tweak the DNS Client's settings in the registry to
immediately flush negative (failed) DNS lookups. The default is 900
seconds (15 minutes). The site may fix a problem but the user will
continue to get failed lookups due to the local DNS caching still
listing a negative result for that host, but 15 minutes isn't very long.
It eliminates you (or external resource links in a delivered web page)
from wasting time to query a DNS server only to get back yet another
failed result. See Microsoft's KB 318803 (http://tinyurl.com/ybjwbc37).
86400 seconds (24 hours) is the default cache time for positive results.
If you often visit flaky or unreliable sites or the type that move around
a lot, you might want to shorten this to, say, 4 hours which is probably
longer than your web sessions in your HTTP client. Because these
registry tweaks are under the HKEY_Local_Machine hive, changes there
will affect all user accounts in that instance of Windows. If the
settings are absent in the registry, the defaults get used.

I've left the positive cache set to the 24-hour expiration. I don't
leave the web browser open all day but I may load it several times per
day and often revisit the same sites (or different sites often access
the same off-domain resources; e.g., the Google site for jquery). Since
I'm using the defaults, negative results are cached for 15 minutes. I
don't visit sites by hostname that move around that often, and if I get
a negative DNS result then it is cleared in 15 minutes which is probably
longer than me figuring out the cause of the problem with the site being
faster than that to correct the problem.

There is also the issue that many ISPs operate caching DNS servers.
This is to quickly return a positive result for the same lookup request
from hundreds, or more, of their customers. Server-side caching helps
but you have no control over their positive and negative cache
expirations. The GRC DNSbench tool will measure the difference between
raw or uncached DNS lookup requests versus those returned due to
server-side DNS caching: red = cached DNS lookup time, green = uncached
DNS lookup time, blue = dot.com lookup time since .com is the most
widespread TLD [top-level domain].
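The post above makes a point that is easy to get wrong when relying on a blocklist-style 'hosts' file: the file is scanned line by line and matches whole hostnames only, so one entry never covers a domain, which is why such lists need a separate line for every host. The following Python is an added example for this thread, not code from any poster and not the resolver's own implementation. The hosts content is constructed (made-up names under tracker.example, not the MVPS list), and the lookup models the behaviour described: top-to-bottom scan, first exact match wins, no wildcard or domain matching.

```python
"""Parse a 'hosts' file and show why it matches whole hostnames only.

Added example, not code from the thread. SAMPLE_HOSTS is constructed; the
lookup models a sequential scan where the first exact match wins.
"""
from typing import Dict, List, Optional, Tuple

# Constructed hosts file: sinkholed ad hosts plus an intranet alias.
SAMPLE_HOSTS = """\
# constructed sample, not a real blocklist
127.0.0.1       localhost
::1             localhost
0.0.0.0         ad.tracker.example          # covers exactly this hostname
0.0.0.0         ad2.tracker.example
0.0.0.0         stats.tracker.example beacon.tracker.example
0.0.0.0         *.tracker.example           # wildcards are not understood; this line never matches
10.0.0.5        intranet intranet.corp.example
"""


def parse_hosts(text: str) -> List[Tuple[str, str]]:
    """Return (hostname, address) pairs in file order; comments and blank lines dropped."""
    pairs: List[Tuple[str, str]] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # strip whole-line and inline comments
        if not line:
            continue
        fields = line.split()                       # any run of spaces/tabs separates fields
        if len(fields) < 2:
            continue                                # an address with no names is ignored
        address, names = fields[0], fields[1:]
        for name in names:                          # one line may list several aliases
            pairs.append((name.lower().rstrip("."), address))
    return pairs


def lookup(pairs: List[Tuple[str, str]], hostname: str) -> Optional[str]:
    """Sequential scan; first exact match wins. Case-insensitive, trailing dot ignored.
    A query for x.tracker.example does NOT match ad.tracker.example or *.tracker.example."""
    wanted = hostname.lower().rstrip(".")
    for name, address in pairs:
        if name == wanted:
            return address
    return None


def coverage(pairs: List[Tuple[str, str]], hostnames: List[str]) -> Dict[str, Optional[str]]:
    """Which of the given hostnames the file answers, and with what address (None = not covered)."""
    return {h: lookup(pairs, h) for h in hostnames}


if __name__ == "__main__":
    pairs = parse_hosts(SAMPLE_HOSTS)
    probes = ["AD.tracker.example.", "ad3.tracker.example", "beacon.tracker.example", "intranet"]
    for host, addr in coverage(pairs, probes).items():
        print(f"{host:25} -> {addr or 'not in hosts; goes to the DNS cache/resolver'}")
```

`coverage()` is the check a practitioner wants before trusting a blocklist: feed it the hostnames actually seen in a page load and see which ones fall through to the resolver. The `*.tracker.example` line parses as a literal name, so the example also makes the no-wildcard point explicit.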
  #7  
Old January 1st 18, 04:45 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Mayayana
Windows DNS cache

"Brian Gregory" wrote

| I was wondering what all this talk was of Windows
| DNS Cache. I'd never heard of it. It should be clarified
| that "Windows DNS Cache" is actually the DNS Client
| service. It doesn't need to be enabled at all for most
| people. It's possible that people on a network with
| Active Directory may need it. I'm not familiar with
| that. I suspect they don't and that it will only save
| on a few intranet calls.
| I've had DNS Client disabled for years and see no
| reason to enable it.
|
| You don't need it if you LAN has it's own DNS cache but I guess it might
| be worth saving the 12MB of RAM it uses to save doing unnecessary DNS
| lookups over the Internet.
|
?? This post was close to 2 years old.

I don't have a LAN. I don't allow sharing with other
computers for security reasons.

If you look it up I think you'll find that the "time to live"
for these things is very brief, anyway. A day or less:

http://webcache.googleusercontent.co...&gbv=1&ct=clnk

Browsers can store their own cache. The default DNS
cache expiry in Firefox is 1 minute. The idea is not to
store a phone book but rather to save repeated DNS
requests for the same URL during a session.

If the cache were long-lived there would be problems
when a site changes IP address. I ran into that at one
point when I found that several sites had disappeared.
I finally figured out that the DNS proxy I use, Acrylic,
stores a much longer DNS stash. Something like 10 days.
Most of the time that's OK, but only if you know about
it and know to clear that cache if anything goes wrong.

Aside from that, I don't know of any reason to cache
DNS or to worry about cache. The storage time is brief
and the time required for a DNS query is negligible. So
it doesn't much matter one way or the other.



  #8  
Old January 2nd 18, 02:40 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Brian Gregory[_2_]
Windows DNS cache

On 01/01/2018 03:38, VanguardLH wrote:
> Brian Gregory wrote:
>
> Note: I'm not going to reconstruct the attribution lines that Mayayana
> discards in his replies. So I only quote Brian's post in my reply in
> this subthread.
>
>> You don't need it if your LAN has its own DNS cache but I guess it might
>> be worth saving the 12MB of RAM it uses to save doing unnecessary DNS
>> lookups over the Internet.
>
> Pages nowadays have resources across many and far flung sites. The
> content of a page can have ad resources on CDNs (content delivery
> networks), scripts on tertiary domains (same or different owner than the
> visited domain), CSS files on other servers, etc. All those resources
> require DNS lookups. With some pages having hundreds of externally
> linked resources, there can be hundreds of such DNS requests in just one
> page. Rarely do sites use IP addresses for their external resources.
> Some resources may be relatively pathed (i.e., under the same domain as
> visited) but many sites incorporate off-site or external resources.
>
> Having a local cache to shortcut the DNS lookups by finding the IP
> address for a previously visited site will speed up all those DNS
> lookups. The positive lookups (those that succeeded) are cached for
> only a day, by default. The negative lookups (those that failed) are
> cached for only 4 hours, by default. Registry entries can be used to
> alter those retention intervals. If the local DNS caching client is
> disabled, ALL those hostnames (even those on the same domain) will have
> to get looked up by issuing DNS requests out to the network, out to the
> Internet, to the specified DNS server (which the user can specify or use
> the one assigned to them by whatever upstream DHCP server they use which
> is often their ISP's). All that DNS network traffic takes time.
>
> The time for hundreds of DNS lookup requests and waiting to get back a
> response (the IP address for the external resources on a page) is very
> short. Whether you use a DNS caching client or not, speeding that up
> will not alter the time it takes for those external resources to deliver
> their content for that page. That's why many users use adblockers to
> eliminate the time to download the unwanted content.
>
> You can use GRC's DNSbench to see what are the request and acknowledge
> times for DNS lookup requests. Different DNS servers will have differing
> response times, and that includes the hops between your endpoint and the
> targeted DNS server.
>
> https://www.grc.com/dns/benchmark.htm
>
> I would suggest editing their install-time list of DNS servers as there
> are *many* that are of no use to you or will never be considered for
> use. This tool will also indicate which servers will redirect failed
> lookups to their "help" redirection site (for which they get
> clickthrough revenue) and which will break some webcentric apps that
> actually expect a negative (failed) DNS lookup to return a code rather
> than a success code when reaching their redirection page. Some DNS
> servers include some filtering, like eliminating or blocking known
> malicious sites (but there are always a few false positives in those
> blacklists). For me, I configured the IP protocols on my PC to use the
> following DNS servers in the following order: Google DNS (8.8.8.8 and
> 2001:4860:4860::8888), OpenDNS (208.67.222.222 and 2620:0:ccc::2), and
> my router's internal DNS server (10.0.0.1 and 0:0:0:0:0:ffff:a00:1).
> This is the preference or fallback order: first to last.
>
> OpenDNS includes a malicious site filter that you cannot disable (unless
> you enlist as a reporter with them). However, I found them (according
> to DNSbench) to be a tad slower overall than Google's. My router's
> internal DNS server is not really a server. It is a transparent proxy
> that merely passes all DNS requests up to its upstream DNS filter. The
> router is configured to use DHCP which means the router will use my
> ISP's DNS server; however, that is only used if the prior DNS servers
> listed in preference order are unreachable (fallback order uses the
> router last). Remember to do the static DNS server config for both IPv4
> and IPv6 addressing.
>
> The only time it is recommended to disable the DNS Client server (the
> local DNS cache) is when using pre-compiled and HUGE 'hosts' files. The
> 'hosts' file entries are used before using the local DNS cache. In
> 9x-based Windows, it was noticed the DNS Client could add overhead to
> using a huge 'hosts' file (I'm talking about the thousands of entries in
> the 'hosts' file versus the few to a couple hundred for which that text
> file opened on every DNS lookup and read sequentially line by line was
> designed for). However, those huge pre-compiled 'hosts' files (used for
> ad and tracking blocking) add more overhead than does the DNS Client's
> caching. Those pre-compiled 'hosts' files are huge. The one from MVPS
> is over *14 THOUSAND* lines long. The 'hosts' file is not cached into
> memory. It is opened (file I/O API system call) and read one line at a
> time to sequentially scan the text file for a matching entry on a
> hostname. It only works on hostnames, not domains, and why there are
> dozens and dozens of entries for just one resource (e.g., 117 for
> doubleclick in the MVPS pre-compiled 'hosts' file).
>
> I don't believe the DNS Client has incurred overhead on a prior 'hosts'
> success lookup for a long time in NT-based Windows. As with any
> process, the DNS Client service will consume resources (CPU and RAM) but
> it's been awhile since users are still using such ancient processors
> with tiny system RAM and a slow data bus on the mobo. However, the user
> might wish to tweak the DNS Client's settings in the registry to
> immediately flush negative (failed) DNS lookups. The default is 900
> seconds (15 minutes). The site may fix a problem but the user will
> continue to get failed lookups due to the local DNS caching still
> listing a negative result for that host, but 15 minutes isn't very long.
> It eliminates you (or external resource links in a delivered web page)
> from wasting time to query a DNS server only to get back yet another
> failed result. See Microsoft's KB 318803 (http://tinyurl.com/ybjwbc37).
> 86400 seconds (24 hours) is the default cache time for positive results.
> If you often visit flaky or unreliable sites or the type that move around
> a lot, you might want to shorten this to, say, 4 hours which is probably
> longer than your web sessions in your HTTP client. Because these
> registry tweaks are under the HKEY_Local_Machine hive, changes there
> will affect all user accounts in that instance of Windows. If the
> settings are absent in the registry, the defaults get used.
>
> I've left the positive cache set to the 24-hour expiration. I don't
> leave the web browser open all day but I may load it several times per
> day and often revisit the same sites (or different sites often access
> the same off-domain resources; e.g., the Google site for jquery). Since
> I'm using the defaults, negative results are cached for 15 minutes. I
> don't visit sites by hostname that move around that often, and if I get
> a negative DNS result then it is cleared in 15 minutes which is probably
> longer than me figuring out the cause of the problem with the site being
> faster than that to correct the problem.
>
> There is also the issue that many ISPs operate caching DNS servers.
> This is to quickly return a positive result for the same lookup request
> from hundreds, or more, of their customers. Server-side caching helps
> but you have no control over their positive and negative cache
> expirations. The GRC DNSbench tool will measure the difference between
> raw or uncached DNS lookup requests versus those returned due to
> server-side DNS caching: red = cached DNS lookup time, green = uncached
> DNS lookup time, blue = dot.com lookup time since .com is the most
> widespread TLD [top-level domain].


I did most of that but now I have set up a DNS cache in my router which
intercepts all traffic aimed outwards to port 53 at any IP address and
queries OpenDNS when entries have expired.

--

Brian Gregory (in England).
  #9  
Old January 2nd 18, 03:00 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Brian Gregory[_2_]
Windows DNS cache

On 01/01/2018 03:45, Mayayana wrote:
> "Brian Gregory" wrote
>
> | I was wondering what all this talk was of Windows
> | DNS Cache. I'd never heard of it. It should be clarified
> | that "Windows DNS Cache" is actually the DNS Client
> | service. It doesn't need to be enabled at all for most
> | people. It's possible that people on a network with
> | Active Directory may need it. I'm not familiar with
> | that. I suspect they don't and that it will only save
> | on a few intranet calls.
> | I've had DNS Client disabled for years and see no
> | reason to enable it.
> |
> | You don't need it if you LAN has it's own DNS cache but I guess it might
> | be worth saving the 12MB of RAM it uses to save doing unnecessary DNS
> | lookups over the Internet.
> |
> ?? This post was close to 2 years old.
>
> I don't have a LAN. I don't allow sharing with other
> computers for security reasons.


Surely your PC isn't connected directly to the internet?
You should have a firewall or NAT and firewall in between.
If you have NAT then your LAN is the connection between the NAT box and
your PC. I guess if you only have a firewall then it's reasonable to say
there is no LAN.


> If you look it up I think you'll find that the "time to live"
> for these things is very brief, anyway. A day or less:
>
> http://webcache.googleusercontent.co...&gbv=1&ct=clnk
>
> Browsers can store their own cache. The default DNS
> cache expiry in Firefox is 1 minute. The idea is not to
> store a phone book but rather to save repeated DNS
> requests for the same URL during a session.


Maybe, but if a DNS result says it's valid for longer why not cache it
for a bit longer.

It's rather a pathetic PC by modern standards that can't spare 12MB of RAM.

Mind you I'm not sure that the DNS cache in Windows 7 does cache for
that much longer than a minute.


> If the cache were long-lived there would be problems
> when a site changes IP address. I ran into that at one
> point when I found that several sites had disappeared.
> I finally figured out that the DNS proxy I use, Acrylic,
> stores a much longer DNS stash. Something like 10 days.


It was probably broken then. Anything that caches DNS results should be
asking for the Time To Live of results of queries it caches and not
keeping them any longer than that as an absolute maximum. If that's too
complicated just keep them, say, an hour.


> Most of the time that's OK, but only if you know about
> it and know to clear that cache if anything goes wrong.


It's probably a broken cache if it keeps results longer than a day or
two absolute max. I think many people would set a DNS cache to cache no
longer than a day or two no matter what TTL was reported. Just in case
the TTL was over optimistic.


> Aside from that, I don't know of any reason to cache
> DNS or to worry about cache. The storage time is brief
> and the time required for a DNS query is negligible. So
> it doesn't much matter one way or the other.


All those queries to separate site for pictures, javascript, google
APIs, Google adverts, other adverts etc. etc.

--

Brian Gregory (in England).
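Two ideas run through this subthread and VanguardLH's earlier post on the registry: a cache should keep an answer no longer than the TTL the server reported, but should also cap that TTL at some absolute maximum (MaxCacheEntryTtlLimit, default 86400 seconds) so a ten-day record like the Acrylic case cannot go stale for ten days, and a failed lookup should be remembered only for a short, separate interval (NegativeCacheTime). The Python below is an added example for this thread, not code from any poster and not how the Windows DNS Client is implemented; it models those two knobs as constructor arguments. Upstream answers come from a constructed table and the clock is injectable, so the expiry paths can be exercised without waiting a day.

```python
"""A resolver cache that honours the answer's TTL, caps it, and caches failures.

Added example, not code from the thread or from Windows. UPSTREAM is a
constructed stand-in for a DNS server; the clock is injectable for testing.
"""
import time
from typing import Callable, Dict, Optional, Tuple

Answer = Optional[Tuple[str, int]]   # (address, ttl_seconds) or None for a failed lookup

# Constructed upstream answers (addresses from documentation ranges).
UPSTREAM: Dict[str, Answer] = {
    "www.example.com": ("192.0.2.10", 3600),
    "cdn.example.org": ("203.0.113.5", 864000),   # a ten-day TTL, like the Acrylic case above
    "nosuchhost.example.net": None,
}


class TtlCache:
    def __init__(self, upstream: Callable[[str], Answer],
                 max_positive_ttl: int = 86400,      # models MaxCacheEntryTtlLimit (default 1 day)
                 negative_ttl: int = 300,            # models NegativeCacheTime
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.upstream = upstream
        self.max_positive_ttl = max_positive_ttl
        self.negative_ttl = negative_ttl
        self.clock = clock
        self.upstream_queries = 0
        # name -> (address, or None for a cached failure; absolute expiry time)
        self._entries: Dict[str, Tuple[Optional[str], float]] = {}

    def resolve(self, name: str) -> Tuple[Optional[str], str]:
        """Return (address or None, source) with source in 'cache', 'negative-cache', 'upstream'."""
        name = name.lower().rstrip(".")             # DNS names are case-insensitive
        now = self.clock()
        hit = self._entries.get(name)
        if hit is not None and hit[1] > now:
            return hit[0], ("cache" if hit[0] is not None else "negative-cache")
        self.upstream_queries += 1
        answer = self.upstream(name)
        if answer is None:
            # Remember the failure for negative_ttl so retries don't hit the network at once.
            self._entries[name] = (None, now + self.negative_ttl)
            return None, "upstream"
        address, ttl = answer
        # Never trust the record's TTL beyond the configured cap.
        self._entries[name] = (address, now + min(ttl, self.max_positive_ttl))
        return address, "upstream"

    def remaining_ttl(self, name: str) -> Optional[float]:
        """Seconds until the entry expires, or None if absent or already expired."""
        hit = self._entries.get(name.lower().rstrip("."))
        now = self.clock()
        if hit is None or hit[1] <= now:
            return None
        return hit[1] - now

    def flush(self) -> None:
        """What `ipconfig /flushdns` does: drop everything; the cache refills on demand."""
        self._entries.clear()


class FakeClock:
    """Manually advanced clock so expiry can be exercised deterministically."""
    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def walk_through() -> Dict[str, object]:
    """Exercise the cache with the default knobs and collect the observations."""
    clock = FakeClock()
    cache = TtlCache(UPSTREAM.get, clock=clock)
    obs: Dict[str, object] = {}
    obs["first"] = cache.resolve("cdn.example.org")[1]               # 'upstream'
    obs["second"] = cache.resolve("CDN.example.org.")[1]             # 'cache' (normalised name)
    obs["capped_ttl"] = cache.remaining_ttl("cdn.example.org")       # 86400, not 864000
    obs["neg_first"] = cache.resolve("nosuchhost.example.net")[1]    # 'upstream'
    obs["neg_second"] = cache.resolve("nosuchhost.example.net")[1]   # 'negative-cache'
    clock.advance(301)                                               # past negative_ttl
    obs["neg_after_expiry"] = cache.resolve("nosuchhost.example.net")[1]  # 'upstream' again
    clock.advance(86400)                                             # 86701 s elapsed: past the cap
    obs["pos_after_cap"] = cache.resolve("cdn.example.org")[1]       # 'upstream' despite 10-day TTL
    obs["queries"] = cache.upstream_queries                          # 4 network lookups in total
    return obs


if __name__ == "__main__":
    for key, value in walk_through().items():
        print(f"{key:18} {value}")
```

The walk-through shows the trade-off the thread argues about in one place: the second and fourth lookups cost no network round trip, the negative answer stops being served after NegativeCacheTime, and the ten-day record is re-fetched after the one-day cap regardless of what the server claimed. Setting `max_positive_ttl` to 1, as the earlier post notes Microsoft suggests, turns the positive cache into a pass-through.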
  #10  
Old January 2nd 18, 03:37 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Paul[_32_]
Windows DNS cache

Mayayana wrote:
> "Brian Gregory" wrote
>
> | I was wondering what all this talk was of Windows
> | DNS Cache. I'd never heard of it. It should be clarified
> | that "Windows DNS Cache" is actually the DNS Client
> | service. It doesn't need to be enabled at all for most
> | people. It's possible that people on a network with
> | Active Directory may need it. I'm not familiar with
> | that. I suspect they don't and that it will only save
> | on a few intranet calls.
> | I've had DNS Client disabled for years and see no
> | reason to enable it.
> |
> | You don't need it if you LAN has it's own DNS cache but I guess it might
> | be worth saving the 12MB of RAM it uses to save doing unnecessary DNS
> | lookups over the Internet.
> |
> ?? This post was close to 2 years old.
>
> I don't have a LAN. I don't allow sharing with other
> computers for security reasons.


There are a couple possibilities.

RJ11 +----------------------------------+ RJ45 Eth +-------------
---| ADSL Modem alone or |-----------| Single PC
| ADSL Modem/Router in Bridged Mode| PPPOE | Enter user/pass for PPPOE in a windows dialog.
+----------------------------------+ | (Older Windows don't have PPPOE, but do have PPP dialup)
| Windows Firewall, *only protection*
| Can be port scanned for fun and profit.
| This is the dumb option, almost like DMZ.
+-------------
or you could have the more normal setup

RJ11 +----------------------------------+ RJ45 Eth +-------------
---| ADSL Modem/Router in Routed Mode |-----------| Single PC
| (ISP default, terminates PPPOE| | "Normal" | No password in this box, for network
| You put user/pass inside this box| | Windows Firewall optional for IPV4
| IPV4 offers NAT | | Windows Firewall likely useful for IPV6.
| IPV6 is security by obscurity | +-------------
+----------------------------------+

You can buy single port routers, such as the BEFSR41 years ago.
It had one WAN port and one LAN port. A single port router
translates between 192.168.0.2 LAN to whatever DHCP WAN address
the ISP gives you on PPPOE login. The "ipconfig" command
can give you some idea, just how bonkers your setup is :-)

In the first picture, your "ipconfig" local address is
an internet address, like 71.123.100.32.

In the second picture, since routing and local DHCP are
in usage, your local address could be 10.x.x.x or 192.168.x.x
and so on. The second picture offers some protection for IPV4.
Depending on how addresses are allocated (apparently there's
more than one way to do it), link local addresses
on IPV6 number 4 billion. So if someone wants to scan you,
it would take a while just based on IP address alone.

Google bought a block of 2^96 IPV6 addresses, leaving 2^64
to address homes, and 2^32 inside each home for IoT etc.
I'm still not using IPV6, and have little interest in it
(it generally sucks for things I care about). It would
be a nightmare to monitor, just to read and translate
what the hell the addresses mean. When the day
comes that I need to switch, I'm going to have to hire
a "network guy" :-( Just so I don't get it wrong.

Paul
  #11  
Old January 2nd 18, 05:17 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Windows DNS cache

"Brian Gregory" wrote

| I don't have a LAN. I don't allow sharing with other
| computers for security reasons.
|
| Surely your PC isn't connected directly to the internet?

I have a router connected to the cable input and
computers connected to that. I don't know if you'd
call that a LAN. I don't consider it a LAN because I
don't enable networking or filesharing functionality
on any of the computers.

| Maybe, but if a DNS result says it's valid for longer why not cache it
| for a bit longer.
|
| It's rather a pathetic PC by modern standards that can't spare 12MB of RAM.
|

I doubt that external IP addresses are being cached via
DNS Client. If they were it would be redundant caching.
It's not a matter of sparing 12 MB RAM. There's no need
for the functionality because I don't have local networking.
There's no need for dozens of services. Many are security
risks. Since I don't enable any kind of networking I have
no need for any of those:
Workstation, Server, Remote* (except RPC),
COM+, NetLogon, Network DDE, NetMeeting, Messenger,
NLA, NPS, RPC security, Routing and Remote Access, SSDP
Discovery, UPNP, Terminal Services, WebClient.... All
unnecessary without local networking. Many of them risky.
It doesn't make sense to assume that someone is trying
to conserve RAM just because something isn't running. I
just like to keep things clean and lean and as safe as
possible.

If you're concerned about online speed I don't see the
logic. A DNS request probably takes a few ms. If I visit
a fast website it loads instantly in my perception. The DNS
request is a minuscule part of that. If you find your browser
is slow then your time would be better spent editing your
HOSTS file to stop ads and maybe disabling script when
possible.

| If the cache were long-lived there would be problems
| when a site changes IP address. I ran into that at one
| point when I found that several sites had disappeared.
| I finally figured out that the DNS proxy I use, Acrylic,
| stores a much longer DNS stash. Something like 10 days.
|
| It was probably broken then. Anything that caches DNS results should be
| asking for the Time To Live of results of queries it caches and not
| keeping them any longer than that as an absolute maximum. If that's too
| complicated just keep them, say, an hour.
|

Acrylic has its own system, caching for much
longer than normal. It can be adjusted. I'm guessing
the author(s) just assumes anyone using it knows
enough to manage caching. It's proxy DNS server
software.

| Aside from that, I don't know of any reason to cache
| DNS or to worry about cache. The storage time is brief
| and the time required for a DNS query is negligible. So
| it doesn't much matter one way or the other.
|
| All those queries to separate site for pictures, javascript, google
| APIs, Google adverts, other adverts etc. etc.
|

Speak for yourself. There hasn't been a Google
ad on my machines for ages. Possibly not in this
century. I also block their tracking. And I block
web fonts. And I rarely enable script. But even if,
for some reason, you welcome all those things, it
only needs one DNS request per visit to each domain.
As noted above, if you find it lagging then DNS is
almost certainly not the problem. Script and ads
and spyware are. If your car is sitting too low to
drive the solution is not to take the tire gauge out
of the glove compartment. The solution is to take
the concrete blocks out of the trunk.

Another issue is that most pages these days are
dynamic. Since the page is generated on call, the
content and linked images are always new and
therefore there's no going to the browser cache.
No 304s. Very inefficient. But with speeds what
they are it doesn't seem to matter. I suspect any
slowness you experience is probably due to the
amazingly bloated script that's being used these
days. Often 2 MB or more.
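
The TTL rule argued over in this exchange (cache an answer no longer than its TTL, and cap that at something like an hour when in doubt), as an added example that is not part of any post here and is not Acrylic's or Windows' own code: a small Python parser for the answer section of a DNS response in wire format, feeding a cache that keeps each record for min(TTL, cap) seconds. The response bytes, names, addresses and TTLs are constructed inside the code, and the second cache, which keeps entries for ten days regardless of TTL, is a stand-in for the long-lived proxy cache described above, not Acrylic's actual logic.

```python
import struct
import time
from typing import NamedTuple

MAX_CACHE_SECONDS = 3600   # hard cap: the "say, an hour" fallback from the thread


class Record(NamedTuple):
    name: str
    rtype: int   # 1 = A
    ttl: int     # seconds, as sent by the server
    rdata: bytes


def _read_name(msg, offset):
    """Decode a DNS name at offset, following RFC 1035 compression pointers.
    Returns (dotted name, offset just past the name as it appears in the message)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                       # 2-byte compression pointer
            end = offset + 2 if end is None else end
            offset = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            hops += 1
            if hops > 16:                               # refuse pointer loops
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:                                 # root label ends the name
            return ".".join(labels), (offset if end is None else end)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_answers(msg):
    """Return the answer-section RRs of a DNS response (question section skipped)."""
    qdcount, ancount = struct.unpack_from("!HH", msg, 4)
    offset = 12                                         # fixed 12-byte header
    for _ in range(qdcount):
        _, offset = _read_name(msg, offset)
        offset += 4                                     # QTYPE + QCLASS
    answers = []
    for _ in range(ancount):
        name, offset = _read_name(msg, offset)
        rtype, _rclass, ttl, rdlength = struct.unpack_from("!HHIH", msg, offset)
        offset += 10
        answers.append(Record(name, rtype, ttl, msg[offset:offset + rdlength]))
        offset += rdlength
    return answers


def build_response(name, ipv4, ttl):
    """Construct a minimal A-record response for the demo (constructed data, not a real lookup)."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)   # id, flags, qd, an, ns, ar
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)                   # type A, class IN
    answer = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, 4)     # name = pointer to offset 12
    return header + question + answer + bytes(int(o) for o in ipv4.split("."))


class TtlCache:
    """honor_ttl=False keeps every entry for max_seconds regardless of what the
    server said, which is the behaviour that made sites 'disappear' in the thread."""

    def __init__(self, max_seconds=MAX_CACHE_SECONDS, honor_ttl=True, clock=time.monotonic):
        self._store, self.max_seconds, self.honor_ttl, self.clock = {}, max_seconds, honor_ttl, clock

    def put(self, rec):
        life = min(rec.ttl, self.max_seconds) if self.honor_ttl else self.max_seconds
        self._store[(rec.name, rec.rtype)] = (rec, self.clock() + life)

    def get(self, name, rtype):
        entry = self._store.get((name, rtype))
        if entry and self.clock() < entry[1]:
            return entry[0]
        self._store.pop((name, rtype), None)            # expired (or absent): drop it
        return None


def demo():
    """Walk a 60-second A record through a TTL-honouring and a TTL-ignoring cache."""
    now = [0.0]                                         # fake clock, so nothing sleeps

    def clock():
        return now[0]

    good = TtlCache(clock=clock)
    stale = TtlCache(max_seconds=10 * 86400, honor_ttl=False, clock=clock)
    rec = parse_answers(build_response("example.com", "93.184.216.34", 60))[0]
    good.put(rec)
    stale.put(rec)
    now[0] = 59
    hit_good_59 = good.get("example.com", 1) is not None
    now[0] = 61
    hit_good_61 = good.get("example.com", 1) is not None
    hit_stale_61 = stale.get("example.com", 1) is not None
    long_rec = parse_answers(build_response("example.org", "203.0.113.9", 10 * 86400))[0]
    good.put(long_rec)                                  # server TTL 10 days, clamped to 1h
    now[0] = 61 + MAX_CACHE_SECONDS
    hit_capped = good.get("example.org", 1) is not None
    return {"ttl": rec.ttl, "ip": ".".join(str(b) for b in rec.rdata),
            "hit_good_59": hit_good_59, "hit_good_61": hit_good_61,
            "hit_stale_61": hit_stale_61, "hit_capped_after_cap": hit_capped}
```

Calling demo() shows the TTL-honouring cache answering at 59 seconds and missing at 61, the TTL-ignoring cache still handing out the old address at 61 seconds (the "sites disappeared" symptom), and a ten-day server TTL clamped to the one-hour cap. A real resolver cache must also decrement the remaining TTL in answers it serves from cache, which is the countdown `ipconfig /displaydns` shows; this example only checks expiry.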


  #12  
Old January 2nd 18, 05:25 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Mayayana
external usenet poster
 
Posts: 6,438
Default Windows DNS cache

"Paul" wrote

| There are a couple possibilities.
|

I don't really follow your explanations here. I have
cable, not DSL. The cable co-axial connects to a router.
Computers are wired to that, using fixed IP addresses
on this side. The cable company assigns an outside
IP, but it rarely changes. Probably just often enough
to stop me hosting a server.
I'm using fixed IP only because I don't like to allow
svchost through my software firewalls. DHCP is one
of the things that runs under svchost. When I first
got Win7 that was the only thing that svchost was
needed for that I didn't already have disabled. So I
switched to fixed IP addressing.

-------------------------------------

| RJ11   +----------------------------------+ RJ45 Eth  +-------------
|   ---  | ADSL Modem alone or              |-----------| Single PC
|        | ADSL Modem/Router in Bridged Mode|   PPPOE   | Enter user/pass for PPPOE in a windows dialog.
|        +----------------------------------+           | (Older Windows don't have PPPOE, but do have PPP dialup)
|                                                       | Windows Firewall, *only protection*
|                                                       | Can be port scanned for fun and profit.
|                                                       | This is the dumb option, almost like DMZ.
|                                                       +-------------
| or you could have the more normal setup
|
| RJ11   +----------------------------------+ RJ45 Eth  +-------------
|   ---  | ADSL Modem/Router in Routed Mode |-----------| Single PC
|        | (ISP default, terminates PPPOE   |  "Normal" | No password in this box, for network
|        | You put user/pass inside this box|           | Windows Firewall optional for IPV4
|        | IPV4 offers NAT                  |           | Windows Firewall likely useful for IPV6.
|        | IPV6 is security by obscurity    |           +-------------
|        +----------------------------------+
|
| You can buy single port routers, such as the BEFSR41 years ago.
| It had one WAN port and one LAN port. A single port router
| translates between 192.168.0.2 LAN to whatever DHCP WAN address
| the ISP gives you on PPPOE login. The "ipconfig" command
| can give you some idea, just how bonkers your setup is :-)
|
| In the first picture, your "ipconfig" local address is
| an internet address, like 71.123.100.32.
|
| In the second picture, since routing and local DHCP are
| in usage, your local address could be 10.x.x.x or 192.168.x.x
| and so on. The second picture offers some protection for IPV4.
| Depending on how addresses are allocated (apparently there's
| more than one way to do it), link local addresses
| on IPV6 number 4 billion. So if someone wants to scan you,
| it would take a while just based on IP address alone.
|
| Google bought a block of 2^96 IPV6 addresses, leaving 2^64
| to address homes, and 2^32 inside each home for IoT etc.
| I'm still not using IPV6, and have little interest in it
| (it generally sucks for things I care about). It would
| be a nightmare to monitor, just to read and translate
| what the hell the addresses mean. When the day
| comes that I need to switch, I'm going to have to hire
| a "network guy" :-( Just so I don't get it wrong.
|
| Paul


  #13  
Old January 2nd 18, 05:50 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Windows DNS cache

Mayayana wrote:
> "Paul" wrote
> 
> | There are a couple possibilities.
> |
> 
> I don't really follow your explanations here. I have
> cable, not DSL. The cable co-axial connects to a router.
> Computers are wired to that, using fixed IP addresses
> on this side. The cable company assigns an outside
> IP, but it rarely changes. Probably just often enough
> to stop me hosting a server.
> I'm using fixed IP only because I don't like to allow
> svchost through my software firewalls. DHCP is one
> of the things that runs under svchost. When I first
> got Win7 that was the only thing that svchost was
> needed for that I didn't already have disabled. So I
> switched to fixed IP addressing.


OK, so we're making progress.

You could do it like this, where the SVCHOST only talks to the router.
Does that assuage your sense of security ? The DHCP in this case,
is in two hops. The router has a client it talks to the ISP with.
The PCs have a client they talk to the router with. The evil svchost
doesn't talk directly to the ISP in this picture.

75ohm coax ------ cablemodem/router ------------ PC#1
          ---DHCP       DHCP        ------------ PC#2
          for WAN       server               evil svchost
                        for LAN

If you do it like this, all you're doing is avoiding the DHCP
on the LAN side of the router.
                                                 fixed
75ohm coax ------ cablemodem/router ------------ PC#1 192.168.0.3
          ---DHCP                   ------------ PC#2 192.168.0.4
          for WAN  Some subnet
                   192.168.0.1
                   gateway etc.

Your configuration is still pretty conventional, and you're saying
now you have more than one PC connected.

What the router consists of, is a one port router and a switch chip.
The first router I owned, the $300 CDN BEFSR44, actually partitioned
this function as two circuit boards. The modem/router I have now,
all three functions (modem block, router, switch block) are in the
same Broadcom chip.
                                     LAN Side
WAN --- router board ------------- switch chip ----- PC#1
                                               ----- PC#2
                                               ----- PC#3
        consumer router                        ----- PC#4

Now, in that picture, all the PCs can see one another. The switch
is a learning switch, and it keeps track by observation, as to
what IPs are on each port.

Yes, you can probably use separate subnets and net masks, to logically
prevent the PCs from talking to one another. Is that what you're doing
to silo the PCs on the right ? The router portion is not supposed to route
non-routable addresses like 192.168.x.x, as far as I know.

Paul
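
Both the ipconfig check in Paul's earlier post (a public address in `ipconfig` output means the PC itself terminates the ISP link; a 10.x or 192.168.x address means a router doing NAT sits in front of it) and the subnet/net-mask siloing question just above, as one added example that is not from either poster: Python using the standard ipaddress module to classify an address and to work out, per direction, whether two hosts on the same switch will talk directly or hand the packet to their gateway. The host table is constructed. Two caveats a practitioner will want: whether a consumer router forwards between two LAN subnets depends on how it is configured, and on a shared switch the separation is logical only, since any host can add an alias address in the other subnet (the last entry of demo() shows this); VLANs or physically separate ports are what actually enforce a silo.

```python
import ipaddress
from itertools import combinations


def classify_ipconfig_address(addr: str) -> str:
    """Read an address the way the thread reads 'ipconfig' output: a public address means
    the PC itself terminates the ISP link (first picture); RFC 1918 space means a router
    with NAT sits in front of it (second picture)."""
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:      # 169.254/16 (APIPA): no DHCP lease was obtained at all
        return "link-local"
    if ip.is_private:         # 10/8, 172.16/12, 192.168/16 (and IPv6 ULA)
        return "private"
    if ip.is_global:
        return "public"
    return "other"


def on_link(src: str, dst: str) -> bool:
    """Does host src (configured as 'ip/prefix') treat dst's IP as on its own subnet?
    If yes it ARPs for dst directly through the switch; if no, it sends to its gateway."""
    s = ipaddress.ip_interface(src)
    d = ipaddress.ip_interface(dst)
    return d.ip in s.network


def silo_report(hosts: dict) -> dict:
    """For every pair of hosts, report whether traffic stays switch-local in each direction.
    A pair is 'siloed' only when neither side considers the other on-link."""
    report = {}
    for (name_a, cfg_a), (name_b, cfg_b) in combinations(hosts.items(), 2):
        a_to_b, b_to_a = on_link(cfg_a, cfg_b), on_link(cfg_b, cfg_a)
        report[(name_a, name_b)] = {
            "a_to_b_direct": a_to_b,
            "b_to_a_direct": b_to_a,
            "siloed": not (a_to_b or b_to_a),
        }
    return report


# Constructed LAN (hypothetical hosts): PC#1 and PC#2 on the 192.168.0.0/24 from the
# diagram; PC#3 moved to its own /24 to silo it; PC#4 on a /25 inside the same /24,
# which shows the mismatched-mask trap.
SAMPLE_HOSTS = {
    "PC#1": "192.168.0.3/24",
    "PC#2": "192.168.0.4/24",
    "PC#3": "192.168.1.4/24",
    "PC#4": "192.168.0.200/25",
}


def demo() -> dict:
    r = silo_report(SAMPLE_HOSTS)
    return {
        "pc1_pc2_siloed": r[("PC#1", "PC#2")]["siloed"],        # same subnet: not siloed
        "pc1_pc3_siloed": r[("PC#1", "PC#3")]["siloed"],        # different /24s: siloed
        # Mask mismatch: PC#1 (/24) thinks PC#4 is local, PC#4 (/25) does not and
        # replies via its gateway; asymmetric paths like this are a classic debugging trap.
        "pc1_to_pc4_direct": r[("PC#1", "PC#4")]["a_to_b_direct"],
        "pc4_to_pc1_direct": r[("PC#1", "PC#4")]["b_to_a_direct"],
        # The silo is only logical: PC#1 adding an alias in PC#3's range defeats it.
        "pc1_alias_reaches_pc3": on_link("192.168.1.99/24", SAMPLE_HOSTS["PC#3"]),
    }
```

classify_ipconfig_address() applied to the two pictures gives "public" for something like 71.123.100.32 and "private" for 192.168.0.3; the "link-local" result is the 169.254.x.x address Windows assigns itself when no DHCP server answered, which is worth recognising before blaming the router.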
  #14  
Old January 2nd 18, 06:09 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Char Jackson
external usenet poster
 
Posts: 10,449
Default Windows DNS cache

On Mon, 01 Jan 2018 21:37:00 -0500, Paul wrote:

> You can buy single port routers, such as the BEFSR41 years ago.
> It had one WAN port and one LAN port.


You're thinking of the BEFSR11 ;-)
The BEFSR41 had a WAN port and 4 LAN ports. (The clue is in the model
number, 11 versus 41.)

I used to own examples of both.

When I had the BEFSR11, I connected an Ethernet switch to the LAN port
so that I could connect all of the PCs. Actually, though the BEFSR11 and
41 are long gone, to this day I always connect an Ethernet switch to a
LAN port and all of the PCs connect to the switch. That way the LAN
stays up when the router has to be rebooted.

--

Char Jackson
  #15  
Old January 2nd 18, 06:43 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Windows DNS cache

Char Jackson wrote:
> On Mon, 01 Jan 2018 21:37:00 -0500, Paul wrote:
> 
>> You can buy single port routers, such as the BEFSR41 years ago.
>> It had one WAN port and one LAN port.
> 
> You're thinking of the BEFSR11 ;-)
> The BEFSR41 had a WAN port and 4 LAN ports. (The clue is in the model
> number, 11 versus 41.)
> 
> I used to own examples of both.
> 
> When I had the BEFSR11, I connected an Ethernet switch to the LAN port
> so that I could connect all of the PCs. Actually, though the BEFSR11 and
> 41 are long gone, to this day I always connect an Ethernet switch to a
> LAN port and all of the PCs connect to the switch. That way the LAN
> stays up when the router has to be rebooted.


I was rebooting my router once or twice an evening.
One of the finest electronics purchases I've ever made...

After a number of attempts to fix it by applying the
next release of firmware, it bricked. I expect that
was the only update that really "settled things".
It was stable after that (sitting in its cardboard box,
waiting for hell to freeze over).

Paul
 




Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.