Broadband Tip: How to keep DNS Errors from slowing you down!
Works for dial-up too!
John Navas, The Navas Group
May 14, 2002
The speed of broadband tends to be addictive, so it's doubly frustrating when you come to a screeching halt due to a DNS error. If you're running Internet Explorer 6, you may get "The page cannot be displayed" followed by advice that's largely incomprehensible to the average person which concludes with "Cannot find server or DNS Error, Internet Explorer" (click here for sample). You may have goofed and entered an invalid web address, but you may get this error even with a valid web address; worse, if you are using Windows 2000 or Windows XP, the error may persist even when you follow the advice to keep trying. Here's what may be happening, and how to deal with the problem. Note: If you want to skip the explanations, and you are using Windows XP or Windows 2000, jump down to "Turn off unsuccessful ('negative') DNS caching".
Much like the telephone system, real Internet addresses are actually numbers, not names. When your tell your web browser (e.g., Internet Explorer) to go to (say) "www.techtv.com" it first has to convert that name into a numerical Internet address ("188.8.131.52" in the case of "www.techtv.com"). It does that by looking up the address with DNS (Domain Name System), much as you would look up a name in a telephone book to get the proper telephone number to call.
Your ISP (Internet Service Provider) normally provides DNS service to you by giving you a list of addresses of DNS servers (computers) to use, usually at least two in case one happens to fail. Your computer typically gets the addresses of these DNS servers automatically and invisibly by means of DHCP or PPPoE (Internet protocols). When your web browser needs to look up an Internet name (e.g., "www.techtv.com"), your computer sends a query to one of these DNS servers. If it can't get the numerical Internet address from the first server (e.g., the server doesn't respond), it tries other servers in the list. If it's not able to get a numerical Internet address from any of the listed servers, you get a DNS error.
DNS servers are normally pretty reliable, but they can fail. They can also be overwhelmed when an ISP doesn't upgrade them sufficiently to keep up with growth, when network paths get congested, and/or when malicious people mount attacks (e.g., denial of service) over the Internet. When that happens you may see significant delays ("pauses") when trying to access web pages while your computer is trying to look up the necessary Internet addresses, or you simply not be able to access the web pages at all.
It's quite common to access several different web pages on the same server during a given Internet session (e.g., "http://www.techtv.com/techtv/", "http://www.techtv.com/screensavers/", "http://www.techtv.com/screensavers/broadband/"). Looking up the same name (e.g., "www.techtv.com") over and over is obviously wasteful and time-consuming, so your computer typically "caches" (temporarily saves) the first lookup, and uses the cached (saved) numerical Internet address for subsequent accesses in a given period of time. All well and good.
Caching of DNS lookups doesn't just apply to successful ("positive") lookups -- it can also apply to unsuccessful ("negative") lookups. Although this can save time and resources when you try to go to the same invalid web address, it can cause problems when a DNS lookup fails due to temporary server problems at your ISP. The DNS server might well be able to handle the lookup if you tried again (as you are advised to do), but if your computer has cached the unsuccessful lookup, it won't even bother to try again until the cache expires (typically several minutes) or is otherwise cleared (e.g., by rebooting) -- it will just immediately signal the same error.
Prior versions of Windows for consumers (Windows 95/98/Me) didn't cache unsuccessful DNS lookups so they don't experience this problem, but Windows XP has a "DNS Client" service that does cache unsuccessful lookups by default. (Windows 2000 has the same potential problem, but wasn't targeted at consumers.) In addition, recent major changes in the broadband landscape, such as the mass migration of subscribers from the now defunct @Home to ATTBI (AT&T Broadband), has resulted in some DNS reliability problems.
When you can't get to a web page because Windows XP or Windows 2000 has cached an unsuccessful DNS lookup, you can:
(Applies only to Windows XP and Windows 2000.) Unsuccessful ("negative") DNS caching can be disabled by adding three Registry Values (NegativeCacheTime, NetFailureCacheTime, and NegativeSOACacheTime, all not normally present), setting them to zero. Since manual editing of the Registry is a tricky and risky business, I've provided a simple Registry script to do the job. (Click the link to start the download; save the script to your desktop; and then double-click on it to run it. When you get "Are you sure you want to add the information ..." dialog box, click Yes. The script can be tossed into the Recycle Bin after it has been run.) There is no real downside to making these changes -- just delay if you make repeated tries to an invalid Internet name. (Nevertheless, please note that you use this script at your own risk, and that it's always a good idea to back up your Registry before making any change.)
Although it may not be as noticeable as on broadband, this problem can occur on dial-up as well, so turning off unsuccessful ("negative") DNS caching (as described above) is also recommended for dial-up.
To go back to Windows default behavior, simply remove the three Registry Values described above. Since manual editing of the Registry is a tricky and risky business, I've provided a simple INF script to do the job. (Click the link to start the download; save the INF file to your desktop; right-click on it, and then choose Install to run it. The INF file can be tossed into the Recycle Bin after it has been run.) (See note above before proceeding.)
For more information on broadband, including tips on increasing speed, improving security, sharing your connection on multiple computers, and much more, be sure to visit my Navas Cable Modem/DSL Tuning Guide.