Re: Caching question

"Adrian Marsh" <> wrote in message
news: o.uk...
> Hi All,
>
> I've two local DNS servers. I've noticed though that DNS lookups are
> taking quite a long time (800ms +). The server isn't a particularly busy
> server. Both are DCs. Both are configured to forward to our ISPs DNS
> servers. Both are Server 2003 Standard.
>
> I was wondering about DNS caching, and whether or not its actually enabled
> by default? I can't find any MMC gui to look at the DNS cache, or any
> stats of it. Or where to configure it and tweak the settings.
>
> I've read some MS articles about how to create a DNS caching server, but
> they just seem to say "install DNS". So if I make a server a DC too, does
> it turn off caching?? Are all MS servers caching servers by default??
>
> Thanks,
>
> Adrian


DNS caching on the server and on the workstations, are enabled by default.

If your concern is just for the TTL values, as Jonathan mentioned, you can
view the cache to look at each record's TTL values.

To view the cache in DNS, go to view, choose Advanced and drill down to the
Cache. There is nothing to tweak. Any successful queries will be cached. If
you open a record, you can see the TTL. If you close it, then reopen it
again, you can see the time left counting down. When it reaches zero, it
gets pulled.

On the workstations, run an ipconfig /displaydns and you can see what the
client side resolver has cached. Hit arrow up (to repeat the command), hit
enter and you can see it counting down.

Where does the record's TTL come from? From the DNS server that hosts the
record. You can't change it.

But I don't think this is the problem or the cause of your original concerns
about long lookup times. It's either usually due to DNS configuration, the
ISP's DNS if using forwarding, firewall blocks (ENDS0 support), or both.
Therefore it can be based on various things, but without knowing your
config, it's complete guess work. Please post the following to better
assist:

1. An unedited ipconfig /all of the server and workstation.
2 .If Forwarding is enabled. If so, what is the forwarder?
3. Any EventID# errors in the event logs of the server and the workstation.

Thank you,

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE &
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please
contact Microsoft PSS directly. Please check http://support.microsoft.com
for regional support phone numbers.

"Adrian Marsh" <> wrote in message
news:weGdne6RioF36fjWnZ2dnUVZ7o-...
> On 31/01/2010 05:33, Ace Fekay [MVP-DS, MCT] wrote:
>> "Adrian Marsh"<> wrote in message
>> news: o.uk...
>>> Hi All,
>>>
>>> I've two local DNS servers. I've noticed though that DNS lookups are
>>> taking quite a long time (800ms +). The server isn't a particularly
>>> busy
>>> server. Both are DCs. Both are configured to forward to our ISPs DNS
>>> servers. Both are Server 2003 Standard.
>>>
>>> I was wondering about DNS caching, and whether or not its actually
>>> enabled
>>> by default? I can't find any MMC gui to look at the DNS cache, or any
>>> stats of it. Or where to configure it and tweak the settings.
>>>
>>> I've read some MS articles about how to create a DNS caching server, but
>>> they just seem to say "install DNS". So if I make a server a DC too,
>>> does
>>> it turn off caching?? Are all MS servers caching servers by default??
>>>
>>> Thanks,
>>>
>>> Adrian
>>
>>
>> DNS caching on the server and on the workstations, are enabled by
>> default.
>>
>> If your concern is just for the TTL values, as Jonathan mentioned, you
>> can
>> view the cache to look at each record's TTL values.
>>
>> To view the cache in DNS, go to view, choose Advanced and drill down to
>> the
>> Cache. There is nothing to tweak. Any successful queries will be cached.
>> If
>> you open a record, you can see the TTL. If you close it, then reopen it
>> again, you can see the time left counting down. When it reaches zero, it
>> gets pulled.
>>
>> On the workstations, run an ipconfig /displaydns and you can see what the
>> client side resolver has cached. Hit arrow up (to repeat the command),
>> hit
>> enter and you can see it counting down.
>>
>> Where does the record's TTL come from? From the DNS server that hosts the
>> record. You can't change it.
>>
>> But I don't think this is the problem or the cause of your original
>> concerns
>> about long lookup times. It's either usually due to DNS configuration,
>> the
>> ISP's DNS if using forwarding, firewall blocks (ENDS0 support), or both.
>> Therefore it can be based on various things, but without knowing your
>> config, it's complete guess work. Please post the following to better
>> assist:
>>
>> 1. An unedited ipconfig /all of the server and workstation.
>> 2 .If Forwarding is enabled. If so, what is the forwarder?
>> 3. Any EventID# errors in the event logs of the server and the
>> workstation.
>>
>> Thank you,
>>
>
> Thanks for the reply Ace,
>
> I'm not seeing in the MMC for DNS where you can "drill down" to see the
> cache itself. I have Advanced turned on, I can see "Event Viewer",
> "Forward Lookup Zone", Reverse, Root Hints, and Forwarders at the server
> level, but no Cache. Opening Forwarders just takes me to the configuration
> page, no cache view.
>
> I understand TTL, but I wondered if the server had a min/max cache size
> that needed changing.
>


If the DNS console is in Advanced View, you will see an additional yellow
folder called "Cached Lookups." Under this folder, you will see other
folders for the TLDs that have been successfully queried, at the top
starting with ".(Root)," and under the Root folder, you will see ".com,"
".net," and possibly numerous others. If this is empty, then no successful
queries have occured.

Just to eliminate any possibly config issues that may be causing this,
please answer the questions I've asked, below:

1. An unedited ipconfig /all of the server and workstation.
2 .If Forwarding is enabled. If so, what is the forwarder?
3. Any EventID# errors in the event logs of the server and the workstation.
4. Also be helpful the type of firewall connected to the ISP and IOS version
of the firewall software. Many older firewalls do not support EDNS0, which
will affect resolution results.


Ace