User:Djgreen/Windows Client Side DNS Cache
Considering the amount of recent grief some of our Windows users have had with the SMTP relays, I thought I'd point out a possible solution I've discovered recently.
First of all, let me explain the problem. Windows, unlike Linux/Solaris (or so I assume from the blank stares I've gotten when discussing this issue with *nix admins), uses a client side DNS cache. This means that once your Windows box has resolved that smtp.ncsu.edu is 126.96.36.199, your email clients -- and we have confirmation that its not just an Outlook thing, Thunderbird and Eudora are equally affected -- will always try to use that relay to send mail. Effectively eliminating the benefits of a "round-robin" DNS cluster. Those of you with remote access server farms using DNS round-robin will note that you always tend to get the same machine in the pool... Same problem.
This cache is only cleared when the machine is rebooted or the user resets his IP, using either "ipconfig /renew" or "ipconfig /flushdns"
This is built into Windows 2000, Windows XP, and Windows Server 2003 as a way to speed network queries and reduce network traffic.
Unfortunately, a few of us have had extremely unlucky users who tend to 'find' whichever one of the eight SMTP relays that happens to be having a problem when they want to send mail. In most cases, this is just a temporary glitch (all of our servers decide to be uncooperative every once in a while), but occasionally, it's a larger issue like the one we all experienced last week with UNI08MR. Either way, from the users standpoint -- "email isn't working" and as a critical business practice, its extremely aggravating to deal with.
Other operating systems simply try the resend your mail, and in doing so, randomly pick a different relay. Windows doesn't, continually retrying the same relay until the users start getting "contact your system administrator" error messages.
So how do we make Windows 2000/XP act like the rest of the operating systems and simply move on to another machine in the cluster? http://support.microsoft.com/?kbid=318803
The article above goes into details, but basically, you can turn off the client side DNS cache.
net stop dnscache
sc servername stop dnscache
Running these command from your Windows clients will turn off the cache -- and you can permanently disable it from starting back up if so desired (described in the article). I've tested this and can confirm that "ping smtp.ncsu.edu" will return random relays once the cache has been turned off.
Microsoft notes that "the overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated" but given the chance to eliminate our users occasional inability to send email it may well prove worth it.
Djgreen 10:06, 30 March 2006 (EST)