On Thu, Apr 9, 2015 at 1:48 PM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > On 09.04.15 13:25, Frank Even wrote: >> >> Is there any place I can look to get a definitive answer in what cases >> "flushname" will and will not work? > > > it will work if you have old entries in the cache. > that will NOT help you if any of the servers that are supposed to be > authoritative for a domain will return invalid answers for the domain. > >> I've been digging around in lists >> and docs and can't seem to find any definitive answers. I've been >> having odd troubles clearing a name from a cache and after even >> clearing the name and the name that the name servers was attached to, >> still had to flush the entire cache to get resolution working properly >> on that domain again. > > > this indicates that any of NS records the domain points to returns NXDOMAIN > for the domain. > > hard to tell without more info, but some web DNS checkers are able to trace > this kind of issues... > --
So flushname does not address NXDOMAIN responses? That's the point I'm getting at, there is no good documentation on this that I can find. All the responses in the lists seem to be around "well it depends on your situation, need more data, etc." I'd like to just be able to find documentation on the specific behaviors of these options so I can understand properly what they do to maintain my environment properly without properly understanding what command will do or not do for me. The closest I have found is this - https://kb.isc.org/article/AA-01002/0/How-do-I-flush-or-delete-incorrect-records-from-my-recursive-server-cache.html - but it does not tgo on to tell what is or is not stored in the ADB (or give a link to figure that out) to properly understand what I can and cannot get dumped from cache by executing an "rndc flushname" command. I no longer have the data regardless, a full flush "fixed" the issue. We have some automation around running a "flushname" on the servers though and that addresses a large number of issues with cache weirdness, so when I got pulled in for something where it wasn't working I was curious as to why. It seems this is a recurring question on the lists, but I can't find where there are any definitive answers anywhere. If there is something that I'm missing I would be highly appreciative of being pointed towards that information. Thanks, Frank _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
