Re: DNS cache and hosts file ignored

On Fri, 2 Jun 2006 14:51:47 +0100, "Daniel Crichton" <msnews@xxxxxxxxxxxxxxxx>
wrote:

Caleb wrote on Fri, 2 Jun 2006 05:41:02 -0700:

I have a nice new installation of Window XP Pro 64. SP 1 (v2003).
My problem can be stated rather simply as: My hosts file is being
completely
ignored by the DNS client.

The Hosts file is valid (name and content) and located in the correct
folders. The registery settings are correctly set to find the hosts file.

Exactly what location is it in? I haven't messed with XP 64 yet, but maybe
it should be in

c:\windows\system64\drivers\etc\

rather than the system32 folder - if XP 64 has a system64 folder.

Check the registry pointer. I remember Mark Russinovich, in one of his blogs,
griping about naming conventions used by XP64, when switching in and out of 64
bit mode.

There are several Microsoft addresses that are ignored by Windows XP, for
"security" reasons, including *** like msn.com. Microsoft has circumvented
hosts use selectively. This article is from a couple months ago.
<http://comments.gmane.org/gmane.comp.security.full-disclosure/43878>
http://comments.gmane.org/gmane.comp.security.full-disclosure/43878

You could use something like eDexter or Hostsman to read Hosts from its current
location. Make sure you know where Hosts is.
<http://accs-net.com/hosts/eDexter.html>
http://accs-net.com/hosts/eDexter.html
<http://hostsman.abelhadigital.com/>
http://hostsman.abelhadigital.com/

I have read the tech manuels on Microsofts web site looking for any hidden
gotchas. Nothing strange there, and indeed they reflect my understand of
how my domain names should be resolved

Here are some links to the resource I have been using

http://www.microsoft.com/technet/itsolutions/network/deploy/depovg/tcpip2k.mspx

This is for Windows 2000, not XP, and so some aspects may well have changed.
Download the article for Windows 2003 from
tp://www.microsoft.com/downloads/details.aspx?familyid=06C60BFE-4D37-4F50-8587-8B68D32FA6EE&displaylang=en
- this includes the XP implementation details.

The documenation is quite clear. I flushed the cache and then listed the
contents on the 64 bit PC. The cache was empty. I did the same thing on
another machine, and their the cache contained the hosts file, as
promised.

This points to XP 64 either not loading the hosts file due to an error on
one of the lines, or it being in the wrong location.

After some more googling I came across a wikipedia entry which stated the
following (give or take a few edits):

Windows XP SP2, and perhaps other versions, appears to ignore the hosts
file if the "DNS Client" service is running. One workaround is to stop the
DNS Cache service. To preserve this setting across reboots ensure that the
service is reconfigured to start manually. (Being a good sport, I added
some text to the entry)

I disable the DNS Client service on the systems here as I've found it has a
habit of getting "stuck", at least on 2000 - if the primary DNS server
doesn't respond to a request it kicks to the secondary, and from then on
only uses the secondary. On occassion I've had DNS resolution fail
completely when the secondary didn't respond quickly, and the machines
didn't return to trying the primary.

That's what I've been told to do - and what I advise everybody else. If you
don't have a real DNS server on your LAN (and this does not include a DNS relay
on your NAT router), leave the DNS service off.

That WikiPedia reference is a bit whack. XP does NOT ignore the Hosts file -
that's why I disable my DNS Client - it takes forever to load when it's big. I
wish whoever wrote that had included a link to that article. WikiPedia is good
for tutorials (but check each link periodically), but I would not use them for a
single definitive reference.

--
Cheers,
Chuck, MS-MVP [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.
.