Method to override DNS TTL on Windows 2008 R2 client DNS cache

  • Question

  • I find these articles: http://support.microsoft.com/kb/318803 and http://support.microsoft.com/kb/245437 both of which explain how to change the maximum TTL for Windows 2000. However, I would like to verify this KB also applies to Windows Server 2008 R2.

    Problem I am trying to solve:

    Our printers are defined using DNS host (A) records. The default TTL for new entries on our DNS servers is 3600 seconds (1 hour). This TTL is used by the client (in this case, the client is a Win2k8r2 print server). I want the print server to see a change to DNS close to real-time (we use round-robin DNS resolution and integrated Windows Active Directory DNS servers, and allowing for domain replication, "real-time" could be 5 minutes). So a 5 minute TTL for the entry in the DNS cache would be an okay compromise. We are using IPv4, IPhlpsvc is disabled, and IPv6 is not configured on the network adapter and is blocked at the firewall.

    For a Windows Server 2008 R2 Standard computer:

    1. Can I simply add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNSCache\Parameters DWORD "MaxCacheTtl" value 300 (decimal = 300 seconds)?

    2. Even after updating MaxCacheTtl (after restarting server) will the dnscache service honor this value? 

    Thursday, May 23, 2013 7:32 PM
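The following is an added example, not code from the original thread, showing the two steps the question describes on a Windows Server 2008 R2 host: writing the MaxCacheTtl cap under the Dnscache service key, then reading the cached TTL back out of `ipconfig /displaydns` to confirm the cap is honoured. The printer hostname is a placeholder. Get-DnsClientCache and Resolve-DnsName do not exist on 2008 R2 (they arrived with Windows 8/2012), so the cache is checked by parsing ipconfig output. Run it in an elevated PowerShell session.

```powershell
# Added example (not from the original post): cap the client-side DNS cache TTL on a
# Windows Server 2008 R2 print server and verify the cap with ipconfig /displaydns.
# Assumption: 'printer01.corp.example' is a placeholder for a real A record name.

$paramsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'
$capSeconds = 300                       # the 5-minute cap discussed in the thread
$testName   = 'printer01.corp.example'  # placeholder, replace with a real record

# 1. Set the cap. MaxCacheTtl is a REG_DWORD holding a number of seconds.
if (-not (Test-Path $paramsKey)) { New-Item -Path $paramsKey -Force | Out-Null }
Set-ItemProperty -Path $paramsKey -Name 'MaxCacheTtl' -Value $capSeconds -Type DWord
Get-ItemProperty -Path $paramsKey -Name 'MaxCacheTtl'

# 2. Restart the resolver. The thread reports the cap took effect without a restart;
#    restarting removes the doubt and empties the cache at the same time.
Restart-Service -Name Dnscache

# 3. Populate the cache with a fresh lookup of the test name.
[System.Net.Dns]::GetHostAddresses($testName) | Out-Null

# 4. Parse ipconfig /displaydns and return the cached TTL (seconds) for one name.
function Get-CachedTtl {
    param([string]$Name)
    $lines = ipconfig /displaydns
    for ($i = 0; $i -lt $lines.Count; $i++) {
        # Each cache entry starts with "    Record Name . . . . . : <name>"
        if ($lines[$i] -match '^\s*Record Name[ .]*:\s*(\S+)' -and $matches[1] -ieq $Name) {
            # "Time To Live" follows within the next few lines of the same entry
            for ($j = $i; $j -lt [Math]::Min($i + 8, $lines.Count); $j++) {
                if ($lines[$j] -match '^\s*Time To Live[ .]*:\s*(\d+)') { return [int]$matches[1] }
            }
        }
    }
    return $null
}

$ttl = Get-CachedTtl -Name $testName
if ($ttl -eq $null) {
    "$testName is not in the cache (lookup failed or entry already expired)"
} elseif ($ttl -le $capSeconds) {
    "OK: cached TTL for $testName is $ttl s (cap is $capSeconds s)"
} else {
    "WARNING: cached TTL $ttl s exceeds the cap; MaxCacheTtl is not being honoured"
}
```

The cap only lowers a cached TTL; a record whose own TTL is already shorter (the 130-second Google entry mentioned later in the thread) keeps its shorter value. Negative answers (NXDOMAIN and similar) are governed by the separate MaxNegativeCacheTtl value under the same key, so a printer that is temporarily unresolvable is not affected by MaxCacheTtl.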

Answers

  • I don't want to update the DNS zone's TTL for DNS host (A) records. That would affect all clients in the domain. I only want three specific member servers to have a faster DNS cache flush - at all times, not just during a maintenance window. These member servers are print servers and we rely upon DNS host (A) records to find printers in the organization. (The print servers use a FQN to resolve the IP address of the printer for the defined print queue's printer port.)

    By adding MaxCacheTTL to the print servers' registry I seem to have arrived at the solution I want. Namely, that all DNS host lookups from the print server have a cached entry with a maximum age of 300 seconds. At least this is what I believe the IPCONFIG /DISPLAYDNS results indicate. For example, www.google.com is resolved by an external DNS server and the TTL on that entry is 130 seconds. Our internal DNS server uses the Microsoft default of 3600 seconds. When I display the DNS cache, all cached entries are 300 seconds except Google's, which is 130 seconds. This seems to be the result I want.

    Am I interpreting the results from IPCONFIG /DISPLAYDNS correctly?

    Why doesn't Microsoft document this correctly in http://support.microsoft.com/kb/318803 and http://support.microsoft.com/kb/245437 for versions of Windows after 2000? If there is a different documentation I should be referencing, please advise.

    Thanks!

    Tuesday, May 28, 2013 1:47 PM

All replies

  • I should add, when I made the above changes what I see in an IPCONFIG /DISPLAYDNS command output is that all cached DNS entries on that client assume a TTL value equal to what is in the registry. Did not have to restart the computer or restart the DNSCache service.
    Thursday, May 23, 2013 8:55 PM
  • The MaxCacheTtl is for the DNS Server cache itself. I think you want to look at the DNS host record TTL, which is in the record itself, and is derived from the zone properties TTL setting, which is 1 hour by default. 

    For host records, it's the MaxCacheEntryTtlLimit, which has a max one day value, but if the host record is less, it will take that value. But instead of changing it in the registry on each individual machine, you just change it in the zone properties, since this is the time that the client side resolver service will store the record once it has queried it.

    I would change it from the one hour to 5 minutes. But keep in mind, this will generate quite a bit more DNS query traffic. We usually chop it down right before a maintenance window, then put it back to an hour after we've completed the tasks.

    HOW TO: Modify Time to Live on Domain Name System Records
    http://support.microsoft.com/kb/297510

    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    Tuesday, May 28, 2013 6:37 AM
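As an added example (not from the original thread) of the server-side alternative described in the reply above, this sets a 5-minute TTL on a single printer A record with dnscmd.exe instead of capping the client cache, so only that record is affected rather than the whole zone. Run it on a DNS server or on a host with the DNS RSAT tools installed; the server, zone, host name and address are placeholders.

```powershell
# Added example (not from the original post): give one printer A record a 300-second
# TTL on the DNS server. dnscmd.exe ships with the DNS Server role and the DNS RSAT tools.
# Assumptions: server, zone, node and address below are placeholders.
$dnsServer = 'dc01.corp.example'
$zone      = 'corp.example'
$node      = 'printer01'
$ip        = '10.10.20.5'
$ttl       = 300

# Show the current A record(s) for the node; the TTL is printed with each record.
dnscmd $dnsServer /EnumRecords $zone $node /Type A

# Replace the record with the same data and an explicit TTL. /f suppresses the
# delete confirmation prompt. There is a brief window between the two commands in
# which the name does not resolve, so do this outside peak printing hours.
dnscmd $dnsServer /RecordDelete $zone $node A $ip /f
dnscmd $dnsServer /RecordAdd    $zone $node $ttl A $ip

# Verify the new TTL.
dnscmd $dnsServer /EnumRecords $zone $node /Type A
```

Because the zone is AD-integrated, the change still has to replicate to the other domain controllers before every client sees it, which is the replication delay the question already allows for. If the printer record is maintained by dynamic update rather than entered statically, the next update from the registering host will rewrite the record with that host's own TTL, so a static record is the safer target for this change.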
  • It appears you're interpreting it correctly. If this solution works, go with it. :-)

    Ace Fekay
    Tuesday, May 28, 2013 4:52 PM