Solved

How to have no DNS cache for a specific domain?

Posted on 2016-08-14
Last Modified: 2016-08-15
Hi,

Here is the scenario. We have a partner who needs to change their IP frequently in their DNS. The problem is that we have a DNS cache, so their change doesn't take effect immediately on our side.

Is it possible in Windows 2008 or Windows 7 (for users) to remove the cache just for a specific domain?

Thanks
0
Question by:SAM2009
3 Comments
 

Accepted Solution

by:
Mal Osborne earned 1000 total points
ID: 41755918
This is the responsibility of the person who is changing the IP and updating the authoritative DNS server. Each record has a Time To Live (TTL), which instructs your DNS server how long to cache the record. Typically, this is set to a few days; however, if an IP changes frequently, it should be set to a lower value, maybe 5 mins.
0
 

Assisted Solution

by:Pallavi Godse
Pallavi Godse earned 1000 total points
ID: 41755939
Actually, there isn't a proper way of setting up a DNS server to selectively cache for one DNS zone and not for another.

1: "You ALWAYS want DNS queries to go directly to the source." This is possible if you own and control the source zone. You will need to set the zone's TTL to 0. By doing this, the DNS request will NEVER cache, and so every time names are looked for, the master DNS server will be queried.

2: "You want to Black-List some DNS zones." - The solution to this problem will incorporate the one above, but I would advise creating stub zones to nowhere (where the glue records go to nothing) for these zones. A secondary need is usually to capture the data, so you can identify possible problem clients.
0
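
The TTL that both answers above refer to is a 32-bit field carried in every resource record of a DNS response. As an added example (not part of the original thread), this Python code reads that field from a raw response and lists the A records a resolver may cache for longer than five minutes; the sample message, the name partner.example and the 300-second threshold are constructed assumptions.

```python
import struct

def skip_name(msg: bytes, off: int) -> int:
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:                # root label ends the name
            return off + 1
        off += 1 + length

def answer_ttls(msg: bytes):
    """Return [(rtype, ttl_seconds, rdata)] for each answer record."""
    _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE + QCLASS
    records = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        # Fixed RR header: TYPE(2) CLASS(2) TTL(4) RDLENGTH(2)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        records.append((rtype, ttl, msg[off:off + rdlen]))
        off += rdlen
    return records

def stale_risk(msg: bytes, max_ttl: int = 300):
    """A records (type 1) a resolver may keep longer than max_ttl seconds."""
    return [(".".join(map(str, rd)), ttl)
            for rtype, ttl, rd in answer_ttls(msg) if rtype == 1 and ttl > max_ttl]

# Constructed sample: a response for partner.example with two A records,
# one with TTL 172800 (2 days) and one with TTL 300 (5 minutes).
QNAME = b"\x07partner\x07example\x00"
SAMPLE = (
    struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0)
    + QNAME + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 172800, 4) + bytes([192, 0, 2, 10])
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 11])
)

if __name__ == "__main__":
    for rtype, ttl, rdata in answer_ttls(SAMPLE):
        print(f"type={rtype} ttl={ttl}s rdata={rdata.hex()}")
    print("cached longer than 5 min:", stale_risk(SAMPLE))
```

A response taken from a caching resolver shows the remaining TTL, which counts down, so the configured value is the one returned by the zone's authoritative server.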
 

Author Closing Comment

by:SAM2009
ID: 41757267
Thanks
0
