

Windows Server: DNS Service - Negative Caching

As defined in RFC2308 (http://tools.ietf.org/html/rfc2308), DNS servers are required to cache negative hits. The reason given in the RFC is reduced DNS traffic on the internet. While this is a valid concern for a large DNS infrastructure, in a smaller DNS environment (a small to medium sized AD environment, for example) you are more likely to have to deal with the negative side effect of this caching than to see much impact on your network performance from DNS queries.

An example of this side effect: you try to access a host that is not available at that moment. Even if that host becomes available again shortly afterwards, the negative answer stays cached for an hour, so for that hour the host still appears unavailable.

KB318803 (http://support.microsoft.com/kb/318803) discusses how to essentially disable negative caching on the client side by changing the registry value MaxNegativeCacheTtl.

To configure your DNS server, open the properties of your zone (in your DNS console: Servername\Forward Zone\yourzone, right click, Properties) and adjust the "Minimum (default) TTL" value. The default is 1h, which keeps negative cache entries for 1 hour. Adjust it to a value that fits your environment:

(See the last paragraph of section 4 of RFC2308: "The remaining of the current meanings, of being the TTL to be used for negative responses, is the newly defined meaning of the SOA minimum field.")
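The same check and adjustment can be scripted instead of done through the DNS console. The following PowerShell is an added example, not code from the original post or from Microsoft: it reads the zone's SOA minimum TTL with the DnsServer module cmdlets, works out the negative-cache TTL that RFC2308 section 3 derives from it (the smaller of the SOA MINIMUM field and the SOA record's own TTL), optionally lowers it, and then reports the client-side MaxNegativeCacheTtl value from KB318803 under the DNS Client service's Parameters key. The zone name `corp.example.com`, the 300-second target and the `-Apply` switch are assumptions chosen for the example; run it in an elevated prompt on a server with the DnsServer module.

```powershell
# Added example (not from the original post): inspect and lower negative-caching TTLs.
# Assumed values: zone name and target TTL are placeholders; change them for your environment.
param(
    [string]$ZoneName = 'corp.example.com',   # placeholder zone name
    [int]$NegativeTtlSeconds = 300,           # 5 minutes instead of the 1-hour default
    [switch]$Apply                            # without -Apply the script only reports
)

# --- Server side: the SOA "Minimum (default) TTL" is what RFC2308 uses for negative answers ---
$soa = Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType Soa
$soaMinimum = $soa.RecordData.MinimumTimeToLive
Write-Host "SOA minimum TTL for ${ZoneName}: $($soaMinimum.TotalSeconds) s"

# RFC2308 section 3: resolvers cache a negative answer for the smaller of the SOA
# MINIMUM field and the TTL of the SOA record itself, so both values matter.
$effective = [Math]::Min($soaMinimum.TotalSeconds, $soa.TimeToLive.TotalSeconds)
Write-Host "Effective negative-cache TTL handed to resolvers: $effective s"

if ($Apply -and $effective -gt $NegativeTtlSeconds) {
    # Set-DnsServerResourceRecord replaces the old record object with a modified copy
    $newSoa = $soa.Clone()
    $newSoa.RecordData.MinimumTimeToLive = [TimeSpan]::FromSeconds($NegativeTtlSeconds)
    Set-DnsServerResourceRecord -ZoneName $ZoneName -OldInputObject $soa -NewInputObject $newSoa
    Write-Host "SOA minimum TTL lowered to $NegativeTtlSeconds s"
}

# --- Client side (KB318803): MaxNegativeCacheTtl on the DNS Client (Dnscache) service ---
$dnscacheKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'
$clientTtl = Get-ItemProperty -Path $dnscacheKey -Name MaxNegativeCacheTtl -ErrorAction SilentlyContinue
if ($null -eq $clientTtl) {
    Write-Host 'MaxNegativeCacheTtl is not set; the DNS client uses its built-in default'
} else {
    Write-Host "MaxNegativeCacheTtl = $($clientTtl.MaxNegativeCacheTtl) s"
}

if ($Apply) {
    # Cap client-side negative caching at the same value; the DNS Client service
    # reads the key on start, so restart it for the change to take effect.
    New-ItemProperty -Path $dnscacheKey -Name MaxNegativeCacheTtl -PropertyType DWord `
        -Value $NegativeTtlSeconds -Force | Out-Null
    Restart-Service Dnscache
    Write-Host "MaxNegativeCacheTtl set to $NegativeTtlSeconds s and Dnscache restarted"
}
```

Run it once without `-Apply` to see what the zone and the local client currently advertise; a reported effective TTL of 3600 s matches the 1-hour default described above. Lowering the SOA minimum only helps resolvers that query this server afresh, so existing negative entries on clients still expire on their old schedule (or can be cleared with `Clear-DnsClientCache` on Windows 8 / Server 2012 and later).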