WinXP won't clear the DNS cache (can it be cleared manually)?

Jonathan de Boyne Pollard wrote in news: snipped-for-privacy@J.de.Boyne.Pollard.localhost :

You're right. And after re-reading my post, I described what the DNS mechanism is, not what the DNS Client service actually does.

According to the OP....

"Apparently the DNS Client service optimizes the performance of DNS name resolution by storing previously resolved names in memory. If the DNS Client service is turned off, the computer can still resolve DNS names by using the upstream DNS servers."

....which makes the term DNS Client name somewhat of a misnomer, since the PC can still resolve using the specified DNS server....according to the text above anyway.....

Reply to
DanS

DNS Client also caches the contents of the HOSTS file, otherwise every single DNS lookup goes through the file line by line looking for comparisons.

If you have local, fast, reliable DNS servers and a trivial HOSTS file, DNS Client adds little benefit. However, if you have a large HOSTS file, DNS Client speeds up lookups significantly. Similarly, if you have unreliable DNS servers, or your DNS servers are more than a few milliseconds away, DNS Client can create a significantly snappier user experience.

Reply to
Dave Warren

DNS Client doesn't "prevent a network repair" but rather, it's part of the network repair process. By disabling parts of Windows randomly, you should be prepared for unexpected behaviour when performing activities that rely on those disabled components.

Reply to
Dave Warren

Not sure if the following helps.

c:\> ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

c:\>

Reply to
Harry331

revised messages every ten minutes?

a huge hosts file (with spam blocking). I don't remember the problem but that is why I disabled the DNS Client service.

huge hosts files and preventing network repairs)?

files. Without the DNS Client service, the hosts file is read and processed by every individual application process for every individual query. With the DNS Client service, the hosts file is read and processed once, by the DNS Client service at startup, and then re-read whenever the DNS Client service sees that it has changed.

I agree. In a nutshell, the DNS Client service is the caching service. :-)

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check

formatting link
for regional support phone numbers.

Reply to
Ace Fekay [MVP-DS, MCT]
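
An added illustration, not written by any poster in this thread and not Microsoft's implementation, of the difference described in the posts above: scanning the hosts file for every query versus parsing it once and re-reading it only when it changes. The names `parse_hosts`, `lookup_uncached` and `HostsCache`, the `.example` entries, and the use of file modification time plus size as the change signal are all assumptions made for the sketch.

```python
import os
import tempfile

def parse_hosts(text):
    """Map lower-cased host name -> first address listed for it."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()      # drop trailing comments
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table

def lookup_uncached(path, name):
    """No caching service: every query opens the file and scans line by line."""
    with open(path) as fh:
        for line in fh:
            fields = line.split("#", 1)[0].split()
            if name.lower() in (f.lower() for f in fields[1:]):
                return fields[0]
    return None

class HostsCache:
    """Caching service: parse once, re-parse only when the file changes."""
    def __init__(self, path):
        self.path, self.parses = path, 0
        self._stamp, self._table = None, {}

    def lookup(self, name):
        st = os.stat(self.path)
        stamp = (st.st_mtime_ns, st.st_size)        # assumed change signal
        if stamp != self._stamp:
            with open(self.path) as fh:
                self._table = parse_hosts(fh.read())
            self._stamp = stamp
            self.parses += 1
        return self._table.get(name.lower())

def demo():
    # Constructed sample: a 5000-entry blocking hosts file in a temp directory.
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "hosts")
        with open(path, "w") as fh:
            fh.write("127.0.0.1 localhost\n")
            fh.writelines(f"0.0.0.0 ad{i}.example  # blocked\n" for i in range(5000))
        cache = HostsCache(path)
        hits = {cache.lookup("ad4999.example") for _ in range(100)}
        parses_before = cache.parses                # 100 queries, one parse
        with open(path, "a") as fh:                 # edit the file on disk
            fh.write("192.0.2.10 intranet.example\n")
        return (hits, lookup_uncached(path, "AD4999.example"), parses_before,
                cache.lookup("intranet.example"), cache.parses)

if __name__ == "__main__":
    print(demo())
```

The second parse happens only because the file changed on disk, which is also why an edited hosts entry takes effect in such a cache without restarting anything.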

Where did you get that recommendation from? And based on where you got it from, what was the recommendation based on? Were you having a resolution problem, or infected with a virus that was affecting the resolver algorithm?

Reply to
Ace Fekay [MVP-DS, MCT]

Everywhere I looked, people strongly advise disabling DNS caching!

"The most important thing to do before using large HOSTS files is to disable the DNS Client"

formatting link
"We recommend disabling the "DNS Client" service on all local computers"
formatting link
"Turn off the "DNS Client" service entirely. This is What we are recommending!"
formatting link
"To avoid the slowdown, either disable the DNS Client or avoid using a large HOSTS file"
formatting link
"Disable caching of unsuccessful ("negative") DNS lookups"
formatting link
"Unless you are accessing network filesystems and databases, disable the DNS Client"
formatting link
etc.

Even Microsoft weighs in, albeit not as strongly as the rest of the world!

"DNS caching ... may generate a false impression that DNS "round robin"

formatting link

Reply to
Kat Rabun

The strange thing is that almost everyone on the net recommends we turn OFF the DNS Client (aka DNS Caching) services, especially for people (like me) who have a huge hosts file.

That doesn't jive with the explanation given about why DNS Client (i.e., caching) is useful for large hosts file.

I'm very confused!

REFERENCES:

"The most important thing to do before using large HOSTS files is to disable the DNS Client"

formatting link
"We recommend disabling the "DNS Client" service on all local computers"
formatting link
"Turn off the "DNS Client" service entirely. This is What we are recommending!"
formatting link
"To avoid the slowdown, either disable the DNS Client or avoid using a large HOSTS file"
formatting link
"Disable caching of unsuccessful ("negative") DNS lookups"
formatting link
"Unless you are accessing network filesystems and databases, disable the DNS Client"
formatting link
etc.

Even Microsoft weighs in, albeit not as strongly as the rest of the world!

"DNS caching ... may generate a false impression that DNS "round robin"

formatting link

Reply to
Kat Rabun

That's strange, do any of the links you provided actually recommend disabling DNS caching? They don't seem to be recommending that at all.

So don't use a large Hosts file. Problem solved. (I didn't check this link.)

This advice only applies if you're running their DNS Plus application.

Two problems with this one. First, it's from 2002, and second, and even more importantly, it's from John Navas. I wouldn't take advice from John Navas.

So don't use a large Hosts file. Problem solved. (I didn't check this link.)

This seems to be a user forum where a couple of folks are reporting a gut reaction that doesn't seem to be supported by any facts; i.e., disabling the DNS Client service dramatically increases page rendering time. Extremely doubtful, especially without any benchmarks to back up the claims.

The comment from this page is "Comment: It's typically good to leave this on.".

Last but not least, this KB article doesn't make any kind of blanket recommendation about disabling the DNS Client service.

In summary, I don't see any reason to disable it at all.

Reply to
Char Jackson

I'm now thoroughly confused. :(

I thought disabling DNS Caching or disabling the DNS Client service are, essentially, the same thing.

These articles "seemed" to recommend disabling one or the other (which, I thought, was the same thing).

I do understand your comments (and I don't disagree as I don't have enough information, e.g., who is John Navas, etc.); yet, I do make daily use of a very large hosts file (and for good reason).

So, I enabled the DNS Client service (as per recommendations here).

However, I just realized I also use Comodo which has an option to use THEIR DNS servers.

Do you think this "feature" is partially the cause of what we're seeing?

Reply to
Kat Rabun

This is Comodo's description of the "Comodo Secure DNS Configuration" feature!

Comodo Secure DNS - Another free service intended to provide you with a safer, smarter, and faster Internet:

- Websites load faster because your domain name requests are resolved by our worldwide network of fully redundant DNS servers

- Highly secure infrastructure reduces your exposure to DNS Cache Poisoning attacks

- Parked, not in use, or commonly misspelled domains are automatically detected and forwarded

If you use Comodo Secure DNS Servers:

- Your computer's primary/secondary DNS settings will be changed to 156.154.70.22, 156.154.71.22

If you are in a corporate network or using VPN connections, then contact your administrator before enabling this option to avoid potential connectivity issues.

Reply to
Kat Rabun

Kat, read my responses to those links. In addition to Char's responses, which I agree with, you should really leave the service alone. I made some other recommendations.

And good question about your scenario. Is this a home machine, or a machine on a corp network?

Ace

Reply to
Ace Fekay [MVP-DS, MCT]

I hope someone will correct me if I'm wrong, but I assumed the DNS Client service performed local DNS caching as one of its duties, so in that respect they are related.

No, I don't think it's related. You can use an application called Namebench to test multiple DNS servers to see which are fastest for you.

formatting link

Reply to
Char Jackson

It's just a home machine. WinXP Home. Not much of a network at all. I just realized Comodo has its own DNS servers, which I enabled, to see if that helps.

Reply to
Kat Rabun

I'm not familiar with Comodo's DNS servers. You may want to try OpenDNS. I think that's a better solution than all of those entries in the hosts files slowing down your machine.

And leave the DNS Client service running.

Did you read my other response?

Reply to
Ace Fekay [MVP-DS, MCT]

The strange thing is that almost everyone on the net recommends we turn OFF the DNS Client (aka DNS Caching) services, [...]

It's usually folk wisdom, that almost certainly has been passed on from each to the other.  It's often not based upon knowledge of what the DNS Client does or is.  (One person in your list there thinks that the DNS Client is a DNS server, for example.)  It's instead based upon an Animal-Farm-like simplistic notion of  "service enabled bad, service disabled good", which is of course wrong.  A second person in your list even blames the DNS Client service for the facts that xyr several ISPs are not presenting the same views of the DNS namespace as each other, and that sometimes DNS lookups produce (gasp!) answers that say that a particular domain name doesn't exist. Interestingly, one of the items in your list is someone posting this piece of folk wisdom in a discussion forum and having it debunked by other people.  As you note, what you'll find written by Microsoft doesn't support this folk wisdom, either.  As M. Fekay says, Microsoft is right about its own software, here.  There are some instances where Microsoft gets things wrong about its own products, usually resulting from the fact that it's a big company and in such companies the people who write the user documentation are sometimes not the people who develop the software, or from the fact that even people within Microsoft aren't immune from believing Internet/WWW-garnered erroneous received wisdom from time to time, but this particular instance isn't one of them.

The most noteworthy item in your list is the documentation for Simple DNS Plus. That's the only one that you present that actually gives a sensible reason for not having the DNS Client service enabled: namely that Simple DNS Plus is a fully-fledged caching resolving proxy DNS server, and if one has one of those locally, having the extra caching in the DNS Client service on the same machine makes no sense.

Further sensible advice is the advice that you're ignoring, but that you'll find equally widely disseminated: Don't use DNS for this task at all. It's the wrong tool. The DNS is not a tool for meeting WWW browsing customization needs. That's a lesson that the world learned in 2003. Use an advertisement-blocking HTTP proxy server; use a PAC script, or use one of the many WWW browser plug-ins that do what you want to do.

There are two lessons here:

Folk wisdom is often based upon people using magic incantations and not really understanding what their computers do.

Abusing the DNS to solve an HTTP problem is wrongheaded.

Reply to
Jonathan de Boyne Pollard

This is Comodo's description of the "Comodo Secure DNS Configuration" feature!

Here's a tip: Sales pitches are often not technically accurate.  It's advertising, for goodness' sake.

Websites load faster because your domain name requests are resolved by our worldwide network of fully redundant DNS servers

DNS lookup is often not the major factor in the speed for which a "page" is loaded by a WWW browser. And a "worldwide network" is flim-flammery. All that the "worldwide network" achieves is putting the proxy DNS server relatively close to you. But you can put it even closer still by the simple expedients of doing things the way that most people do, and obtaining proxy DNS service in the ways outlined later. Ironically, the sales pitch is trying to sell you on the benefit of the attempt to compensate for the fact that normally such a service is at a distance disadvantage to how one would normally obtain proxy DNS service.

Highly secure infrastructure reduces your exposure to DNS Cache Poisoning attacks

So, too, does running an ordinary DNS server in accordance with best current practice.  Running an instance of Microsoft's DNS server for Windows, properly configured, locally, does the same, but with the benefit that it doesn't hand the keys to the kingdom to someone that you have no reason to trust (more on which later).

Parked, not in use, or commonly misspelled domains are automatically detected and forwarded

This is actually a bad thing.  Again, the world learned this lesson in 2003.  In addition to my Frequently Given Answer, there are several technical reports that one can find that discuss the problems of automatically generating faked DNS data for mis-spelled and non-existent domain names.  This is a huge reason for avoiding Comodo, if anything.  Danger, Will Robinson!

If you use Comodo Secure DNS Servers:

Unsurprisingly, what's missing from the sales pitch is the fact that by configuring your machines to use a resolving proxy DNS server from someone like this you are basically handing over full control of your view of the DNS namespace to a third party with whom you have no contractual relationship. The places to obtain proxy DNS service are (a) your own proxy DNS servers that you run, or (b) the proxy DNS servers provided by someone with whom you have a contractual relationship for that service. And as you can see, Comodo isn't someone to trust at all, here. For starters, it wants to hi-jack mis-spelled and non-existent domain names and force you to places of its choosing for those names. The Verisign Internet Coup of 2003 is a lesson to learn from.

Reply to
Jonathan de Boyne Pollard

John Corliss was thinking very hard :

That's Ok.

Yep, that's how I remember it, stopped using 7 or 8 years ago.

Reply to
Johnw

Well, the first lesson should be quoting some part of the original message so others know what you are talking about.

understanding what their computers do.

Reply to
Joel

Not to call you out on missing something obvious, but the previous poster *did* quote, but it was done using indents rather than quote marks.

Reply to
DevilsPGD
