Microsoft KB Archive/301695

= DNS name cache behavior of ISA Server Web Proxy =

Article ID: 301695

Article Last Modified on 1/19/2005

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2000 Standard Edition
 * Microsoft Small Business Server 2000 Standard Edition

-



This article was previously published under Q301695



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SYMPTOMS
The ISA Web Proxy service caches name resolution responses from DNS servers (or other means such as a HOSTS file) for a default time of 6 hours. However, the ipconfig /flushdns command does not flush this cached entry because it is saved inside the Web Proxy service.



RESOLUTION
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To work around this behavior, note that the TTL that is used for caching DNS responses is controlled by the following registry entry that you can change to a smaller value:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fpc\Arrays\{ARRAYGUID}\ArrayPolicy\WebProxy

&quot;msFPCDnsCacheTtl&quot;=dword:00005460

The value is in seconds that are represented in hexadecimal, and the number that is shown is: 0x5460 = 21600 = 6 hrs

The following {ARRAYGUID} value will be a number like this number:

{32E328DE-7C4E-47F8-B1AB-A7891AAC98A7}

NOTE: The default TTL for DNS records is 1 hour, and the Web Proxy service should be restarted for it to read the new value.

For Enterprise Arrays, the following value must be modified in Active Directory

The attribute in AD is &quot;msfpcDnsCacheTtl&quot; at: CN=WebProxy,CN=ArrayPolicy,CN={ArrayGUID},CN=Arrays,CN=Fpc,CN=System,DC=Vanguard,DC=Com

Note The &quot;msfpcDnsCacheTtl&quot; value in AD is in seconds, where the default value for the &quot;msfpcDnsCacheTtl&quot; attribute should be shown as 21600 (21600sec =6hr)

Note This article does not apply to ISA Server 2004. ISA Server 2004 does not use the &quot;msFPCDnsCacheTtl&quot; value. Instead ISA Server uses the TTL value that is defined on the DNS record.

Keywords: kbenv kbprb KB301695

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.