All,
I know this list is targeted towards NDIS driver discussions but I really don’t know where else to turn. I have written an IPsec client for Windows and *nix and have a horribly annoying problem that I don’t know how to solve. I use a simple virtual Ethernet driver that acts as a dummy target for private IP traffic. The adapter-specific registry settings are written while it is disabled. It is then enabled using a call to SetupDiCallClassInstaller and DIF_PROPERTYCHANGE. This works fine, with the adapter being enabled and configured properly using the correct IP, DNS and WINS settings.

The problem is that afterwards, the MS DNS resolver still sends queries using the DNS configuration of the previous adapter that was active. After a few minutes go by, something happens in the OS that causes the resolver to start using the correct DNS server settings that have been newly assigned to the virtual Ethernet adapter. I have reason to believe that this is a problem with the dnscache service. Here are some data points that I have accumulated from Google and users on my mailing lists …
- The nslookup program always sends queries to the correct DNS server. In other words, if you use nslookup immediately after the virtual adapter has become active, it sends queries to the virtual adapter-specific DNS server even while the system is using the last active adapter-specific DNS configuration. From my research, I believe this is due to the fact that the nslookup program doesn’t use the system DNS resolver. It talks directly to a DNS server. The interesting thing is that the nslookup program certainly thinks that the virtual adapter DNS settings are the correct ones to use (and so do I).
- If the dnscache service is disabled, the problem I am describing doesn’t occur. If the dnscache service is restarted after the virtual adapter becomes active, the system immediately starts using the correct DNS settings. At first, I thought this may be related to negative DNS lookups being cached by the system. After some searching, I found an undocumented dnsapi function, DnsFlushResolverCache, and call it after the adapter becomes active. All cached entries are now being flushed but the system still fails to send queries using the virtual adapter-specific DNS servers.
- One user reported that he could perform an “ipconfig /renew” after the virtual adapter becomes active to correct the problem immediately. I don’t really understand this since the virtual adapter, at least, does not use DHCP. I’m not exactly sure of all the things that happen ‘under the hood’ when a user issues this command. Maybe this works if the public (real) Ethernet adapter uses DHCP because the ipconfig call pokes the dnscache service in the correct way to make it reset whatever internal state is causing my users grief.
- I have seen a few threads out there of people having similar problems using other VPN clients with no real resolution. Most just say to disable the dnscache service.
If anyone has any insight into what could be causing this problem or any suggestions on how to correct it, please let me know. I am at my wits’ end.
Thanks,
-Matthew