Some of you may remember our discussions about the ad-blocking HOSTS file.

In order to use this file when going through the proxy server, the file must reside on the proxy server, it's useless on your local hard disk.

Normally, when I change this file on my local hard disk, the changes to the DNS queries happen immediately. I have noticed that when I put the file onto my proxy server, any changes require the proxy server computer to be rebooted before the changes will take effect. It seems that Microsoft Proxy Server is somehow caching the DNS information and isn't going back to the hosts file each time.

I would like to see if I can make the changes take effect without a full reboot of the proxy server. I'm guessing I can do this simply by stopping and restarting one of the NT services on the box. The question is, which one? There is no DNS client service on this box.

This is an NT4 box running IIS 4.0 and Microsoft Proxy Server 2.0. Anyone have any ideas?

Hmm, nailing the "World Wide Web Publishing Service" seemed to work. Makes no sense, but then, little in MS's operating systems does.

Hi.

Usually, an "ipconfig /renew" also does the trick. At least if the Windows machine is running on a DHCP acquired IP.

cu,
sven

ipconfig /flushdns

That'll flush the OS's DNS cache. I'm not sure about Proxy Server, though.

-Dylan

With bind (dns daemon for *nix) the hosts file is always checked locally before it attempts to resolve the hostname. If it's the hosts file on the dns server (and not hosted on the box in question), your machine will end up sending out a dns query like it normally does. it's up to the server to resolve it. i'm pretty sure win32 operates this way too. hell, win32's network stack was bsd up until not too long ago. maybe there's a way to rehash the service w/out rebooting?

If you're doing this for a network of people, i'd suggest a firewall rather than blackholing the offending hostnames' IPs to something non-routable. Or a nice caching squid proxy..

i know it doesnt solve the problem, but hopefully sheds light on it as to why

I can't wait for the day when i come home to read a bit in the forum and do not leave with my head spinning.
I have done some work in this area (mainly setting up networks at small business and homes) but no matter how hard i try i can't seem to wrap my mind around this stuff.
i guess ill have to pick up some books on the subject.

Install Linux and start playing around. That's what I did 8 years ago..

has it really been that long? wow.

That's not true. BIND is a DNS-only server. It never checks a hosts file. Most resolvers (the part of the OS's IP stack that resolves hostnames, etc.) will check the hosts file first, but this is almost always configurable, usually by the /etc/nsswitch.conf file. To confuse matters a little more, many resolvers are based at least partially on BIND code, and are sometimes referred to as BIND resolvers.

Maybe I should have been a little more clear.. the bind package.. which comes with libresolv and all the according binary tools such as nslookup. the libs installed are used by most, if not all userspace programs that want to resolve an fqdn.

Actually, most Unices get their gethostbyname()-type functions from libc. Maybe Linux machines use libresolv a lot these days, though....

And nslookup doesn't actually use libresolv or the gethostbyname()-type functions. It does direct DNS queries, and absolutely never looks at a hosts file. It's intended solely as a DNS tool, not a more generic nameservice tool.

But whatever. I'm arguing semantics. I just wanted to make sure that a novice didn't make a stupid mistake.