Intermittent incorrect DNS resolution?

Vinny Abello vinny at
Fri Jan 18 22:41:24 UTC 2013

Hash: SHA1

On 1/16/2013 7:16 PM, Jay Ashworth wrote:
> ----- Original Message -----
>> From: "Erik Levinson" <erik.levinson at>
>> I'm having an unusual DNS problem and would appreciate feedback.
>> For the zones in question, primary DNS is provided by GoDaddy and
>> secondary DNS by DNS Made Easy. Over a week ago we made changes to
>> several A records (including wildcards on two different zones), all
>> already having a TTL no greater than one hour.
>> The new IPs on those A records have taken many millions of requests
>> since the changes. Occasionally, a small amount of traffic appears at
>> the old IPs that those A records had. This is HTTP traffic. Packet
>> captures of this traffic show various Host headers.
> I'm a touch surprised to find that no one has mentioned the facet of
> Windows OSs that requires "ipconfig /flushdns" in some such circumstances...
> Not only may *browsers* be caching DNS lookups without regard to TTLs,
> the *OS* might be doing it to you too, in circumstances I was never quite
> able to get a handle on.
> XP was known to do this, as late as SP3; I'm not sure about V or 7.

Just an FYI...

Every version of Windows since Windows 2000 (sans Windows Me) has had the DNS Client service which maintained this caching function. This was by design due to the massive dependency on DNS resolution which Active Directory has had since its creation. It greatly reduced the amount of repetitive lookups required thereby speeding up AD based functions and lessening the load on DNS servers. It still exists today up through Windows 8. You can disable the service, but it will also break DDNS updates unless your DHCP server registers hostnames on behalf of your clients.

- -Vinny

Version: GnuPG v2.0.17 (MingW32)


More information about the NANOG mailing list