3.4 Negative Caching (DNS NCACHE)
Keeping negative replies to DNS requests is defined by RFC 1034 and RFC 2308.
Negative caching means that into the name server cache is entered information that authoritative name server bear out that the requested RR record not existing in DNS.
Resolvers used in the past did not generate the same negative answers to the same request. In order for us to use negative replies correctly, we need to exactly define the content of a negative reply and the time for which it should be kept in cache.
RFC 1034 defines negative caching as optional. Some BIND implementations like BIND version 4.9.2 support negative caching. RFC 2308 defines negative caching as an obligatory feature of the resolver and defines the content of a negative reply.
Windows 2000 uses negative caching. The time is kept implicitly at 5 minutes. If we want to change this time period, we have to adjust the NegativeCacheTime key (of the REG_DWORD type) in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet...
