Jump to content

Leet DNS Cache Tweak for Windows.


LeetPirate

Recommended Posts

My gift to you for this holiday season is this tweak.:wub:

Leet DNS Cache Tweak for Windows.

For those of you who prefer not to completely disable the DNS Client service in Windows, you can use this guide to tweak the service to work in a more useful manner.

Similar tweaks are posted all over the net but those guys have no idea why they chose the values they set; some of them didn't make sense so I adjusted them to my own settings which I believe to be more useful and practical. Also I consolidated a few other settings that others left out in their guides. I will provide a brief explanation of what the parameters do but you need to search the internet if you want to know more about them.

  1. Open Notepad or any text editor and paste the following code into a new file.
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
    "QueryIpMatching"=dword:00000001
    "NegativeCacheTime"=dword:00000000
    "NegativeSOACacheTime"=dword:00000000
    "CacheHashTableBucketSize"=dword:00000001
    "CacheHashTableSize"=dword:00000180
    "MaxCacheEntryTtlLimit"=dword:00000e10
    "MaxSOACacheEntryTtlLimit"=dword:0000012c

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
    "QueryIpMatching"=dword:00000001

  2. Save the file, call it DNSCache.reg or anything.reg.
  3. Be sure you have Administrator privileges, right click the file and select "Merge", click yes to confirm the merge. You could also double click the file instead of right clicking to select merge, same result.
  4. Reboot for the changes to take effect.

Brief Explanation of Parameters:

Sources: http://itsyourip.net...winregistry.php, http://www.thinkdigit.com/forum/showpost.php?p=307914&postcount=4 .

  1. QueryIpMatching - Prevents DNS Cache poisoning by preventing the DNS resolver from accepting responses from non-queried DNS servers. May not be related to Win7 but no confirmation from Microsoft so better safe than sorry. Does no harm by adding this key anyway to be on the safe side.
  2. NegativeCacheTime - This is similar to MaxCacheEntryTtlLimit with the exception that this defines the time a Negative answer for a domain or host is held. Once the time expires, this negative DNS Cache will cleared.
  3. NegativeSOACacheTime - This is similar to MaxSOACacheEntryTtlLimit with the exception that this defines the time a Negative answer for a domain or host is held. Once the time expires, this negative DNS Cache for the SOA record will cleared.
  4. CacheHashTableBucketSize - Specifies the number of columns that the Hash table can contain in the DNS Cache.
  5. CacheHashTableSize - Specifies the number of rows that the Hash table can contain in the DNS Cache.
  6. MaxCacheEntryTtlLimit - The value set to this entry indicates how long the DNS Cache can hold the DNS records for a domain or host. Normally, the DNS responses from the DNS server will have the Time To Live (Time it can be held in DNS Cache) value for the DNS Record. However, if the TTL is more than that set for MaxCacheEntryTtlLimit then that value (from the DNS response) is ignored and will be cleared of the cache once the time defined by MaxCacheEntryTtlLimit expires.
    The default value is 86400 seconds (1 Day).
  7. MaxSOACacheEntryTtlLimit - This is exactly the same as that of MaxCacheEntryTtlLimit with the exception that it applies for the SOA records of a domain and not for the other DNS records. This time overrides the Ttl defined for the SOA Record in the DNS Response which is cached. If the TTL for the SOA record is more than that defined for this entry then TTL from the DNS Response will be ignored and will be cleared of the cache when the MaxSOACacheEntryTtlLimit time expires.
    The default value is 300 seconds (5 Mins).

Link to comment
Share on other sites


  • Replies 14
  • Views 11k
  • Created
  • Last Reply
  • Administrator

Wow. Seems really good. I tried it just now. :)

Link to comment
Share on other sites


Use regular notepad.. save as regular file no spaces in name to be safe.. then double click the saved file after closing the main window..

Yep, that worked. Thanks!

Link to comment
Share on other sites


Just saw this thread,fantastic as always,rep added,though u dont need one 8)

Link to comment
Share on other sites


  • 2 weeks later...

I've replaced the normal reg line 5.0 with REGEDIT4...this is to ensure complete system compatibility, as reg 5.0 seems to be incompatible with certain OS's/system configurations

Link to comment
Share on other sites


  • 2 months later...

Thanks for this :)

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...