What do you have lame-ttl set to?
In message <[email protected]>, Fr34k writes: > Hello, > > Given: BIND 9.7.2-P2 on Solaris 10. > > For about an hour, I had a network event where a caching DNS server could not > > get recursive queries back from authoritative DNS servers on the Internet. > > Obviously, this is a problem. > > Moreover, the authority for our most popular hostnames have set very low TTLs > > (less than a minute), so nothing in cache for the server to call upon during > this hour long event. > > Yuck. > > A snoop of port 53 traffic at the time shows client PCs requested hostname > resolution -- as they would normally do. > > Now, for the interesting part. > > >From the same snoop of traffic, the caching DNS server did not send ANY resp > onse > back to these PC clients for these low TTL popular hostnames. > > Keep in mind that I did snoop until *after* the event started. > > So, it may be the case that some BIND mechanism was behaving appropriate for > queries which it could not act upon. I can appreciate that BIND makes decisi > ons > with network performance in mind. > > In my attempts to understand negative caching, Sections 7.1 and 7.2 of RFC 23 > 08 > list Server Failure and Dead / Unreachable Server as "(OPTIONAL)" utilities. > > Bind 9.7 ARM says that "the server stores negative answers" for (default) 3 > hours; however, I'm not sure what the expected BIND behavior is. > > Would some mechanism, such has max-ncache-ttl or clients-per-query, be > responsible for this lack of return traffic? > > Anyone have ideas to share? > > Thank you. > > _______________________________________________ > bind-users mailing list > [email protected] > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
