Intermittent incorrect DNS resolution?
vinny at abellohome.net
Fri Jan 18 23:12:52 UTC 2013
On 1/18/2013 5:46 PM, Jay Ashworth wrote:
> ----- Original Message -----
>> From: "Vinny Abello" <vinny at abellohome.net>
>> Just an FYI...
>> Every version of Windows since Windows 2000 (sans Windows Me) has had
>> the DNS Client service which maintained this caching function. This
>> was by design due to the massive dependency on DNS resolution which
>> Active Directory has had since its creation. It greatly reduced the
>> amount of repetitive lookups required thereby speeding up AD based
>> functions and lessening the load on DNS servers. It still exists today
>> up through Windows 8. You can disable the service, but it will also
>> break DDNS updates unless your DHCP server registers hostnames on
>> behalf of your clients.
> Microsoft broke the Internet just to make their internal networking
> work properly?
> I'm shocked; *shocked* I tell... yes, just put the money right over there;
> *shocked* I say.
> You can't imagine how much time that lost me in diagnoses when it first
> came out, until we finally located it somewhere on the Internet.
LOL... I don't know that they so much broke anything other than people's sanity and expectations. I can't say this with certainty, but I was always under the assumption that the DNS Client also respected TTLs of all RRs it cached. Maybe that was an incorrect assumption, but if that was correct then at most all they did was give everyone a caching stub resolver built into their OS. I don't feel this is much different than many *nix distributions installing BIND with a default recursive configuration and /etc/resolv.conf pointing to ::1 or 127.0.0.1... other than the obvious differences that it's doing recursion and you can *ASK* BIND what it's doing in a myriad of ways. That's always been my biggest gripe with the DNS Client. Either way, I wonder what the load on various DNS infrastructure throughout the world would look like if this mechanism didn't exist. I take it most recursive servers would just be answering a lot more queries from cache and burning cycles.
For the record, Mac OS X also caches DNS queries. You can flush the cache with "dscacheutil -flushcache" up through Snow Leopard, or using "killall -HUP mDNSResponder" via sudo or equivalent root rights on Lion and Mountain Lion.