How to query client socket (DNS) name cache?

  We are beginning a long-term transition from WINS to DNS at our shop, and I'm getting comfortable with the server side of DNS. However, I'd like to be able to have more client side understanding. I'm getting comfortable with nslookup, but want more *client* side info than nslookup provides.

   Specifically, I want to be able to query (as opposed to clear) the client's "DNS" cache, preferrably the entire cache, but will settle for a single name if I have to. I want to be able to see the time remaining in the TTL for a name. I know arp -a and nbtstat -c are similar utils to what I'm looking for, but they don't do this.

   What utility (or API) will? I'm really interested in the answer to this for every OS I'll be working with: NT, 95/98, AIX, Solaris, Linux, but will clearly be happy if I can get the answer for NT and 95/98.

   Thanks in advance!
morgan1Asked:
Who is Participating?
 
irpConnect With a Mentor Commented:
Your PC (Client) does *not* cache DNS entries. I thought it did but I just did a little test. Load www.experts-exchange.com, stop DNS on DNS server, reload www.experts-exchange.com. It didn't work. Hence, PC (Win95) does not cache DNS.
0
 
dsrikumpCommented:
morgan1,
 I'm sort of confused by your question. Are you asking about how to find out what's in a clients arp cache? Or are you trying to find out about how to learn more about different clients and servers located elsewhere on a network?

 In the case that you are looking to find out more about utilities that can be used to find out more about other clients, you need look no further than what's in the standard TCP/IP suite. There is the "ping" command used to send a query packet to another host to determine if it can receive and respond to packets. There is "tracert" (traceroute in almost everyone else's vocabulary except windows) which can help you determine where your packets are going and how many "hops" it takes to get there. This can tell you about TTL decrementation as well.

 If that wasn't what you were looking for then please rephrase the question. Thanks and good luck!
0
 
dsrikumpCommented:
Looks like I forgot to add something.

"ipconfig /all" is a great command for finding out information that you are sitting at.

If you were looking to find out what's in other machines arp cache, this might be an exercise in futility because it is a very dynamic file that changes every 12 minutes or so. WinNT and 95 both flush the arp cache of entries that are not marked as static after about 12 minutes. But if this is indeed what you want to do then you can install rconsole from the NT resource kit on the machine that you want to execute commands on and run rclient from your machine. This supposedly acts like a telnet client! Then you should be able to execute the arp -a command and see the results in your rclient window. Although I have never had to do this first-hand.
0
 
morgan1Author Commented:
  Sorry, I thought that I had been specific enough the first time. What I want to look at is NOT the client's ARP cache, which tracks the association between IP to MAC on the client, but the client's NAME cache, which tracks the association from NAME to IP. My DNS server has one of these, and my client does, too. On the NetBIOS side, the NBTSTAT -c command shows the Microsoft *equivalent* to the information I'm seeking about DNS on my client PC.

   For instance, if I ping www.experts-exchange.com from my PC, my company DNS server will talk to the DNS servers on the Internet to locate the DNS records for this DNS name. My DNS server caches the response in it's cache before delivering the answer to my PC. My understanding is that my PC caches the answer, too, so that it doesn't requery my DNS server if I immediately re-ping that web server. I want to be able to look at my PC's name cache. I am interested in this largely as a troubleshooting tool. If I adjust the TTL on a DNS name or domain that I administer on my company's DNS server, I want to be able to monitor the effect within the network by DNS clients as they use that name.

   I want to understand the environment that I support as much as possible and be able to monitor the effect of changes that I make to that environment. I guess that I can fall back to sniffing the network beside my client when performing the testing, but consider that to be an inelegant solution to this question.

   Again, any thoughts or ideas would be appreciated. Thanks!
0
 
morgan1Author Commented:
Fair enough. This mirrors my own suspicion, and probably holds true on NT as well. Thanks for your input on this.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.