I thank you all for providing me such valuable information on DNS Negative 
Caching
I would have never thought that so many things would be Applied in deciding 
what would be cached

I once again thank each one of you and appreciate for the time and valuable 
feedback

Cheers
Harshith

> From: bind-users-requ...@lists.isc.org
> Subject: bind-users Digest, Vol 2189, Issue 1
> To: bind-users@lists.isc.org
> Date: Tue, 1 Sep 2015 12:00:01 +0000
> 
> Send bind-users mailing list submissions to
>       bind-users@lists.isc.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
>       https://lists.isc.org/mailman/listinfo/bind-users
> or, via email, send a message with subject or body 'help' to
>       bind-users-requ...@lists.isc.org
> 
> You can reach the person managing the list at
>       bind-users-ow...@lists.isc.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of bind-users digest..."
> 
> 
> Today's Topics:
> 
>    1. Re: DNS Negative Caching (Chris Buxton)
>    2. How does named log update request (liumingxing)
>    3. Re: DNS Negative Caching (Rich Goodson)
>    4. Re: DNSSEC ZSK rollover (Tony Finch)
>    5. Re: How does named log update request (Tony Finch)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Mon, 31 Aug 2015 07:19:33 -0700
> From: Chris Buxton <cli...@buxtonfamily.us>
> To: Barry Margolin <bar...@alum.mit.edu>
> Cc: comp-protocols-dns-b...@isc.org
> Subject: Re: DNS Negative Caching
> Message-ID: <9ca7db5c-6e06-4ec8-a216-16a926cba...@buxtonfamily.us>
> Content-Type: text/plain; charset=us-ascii
> 
> On Aug 28, 2015, at 5:27 PM, Barry Margolin <bar...@alum.mit.edu> wrote:
> 
> > Note that if a server is authoritative-only, caching is mostly 
> > irrelevant, so the negative cache TTL doesn't much apply. In this case, 
> > the SOA Minimum is just being used as the default TTL.
> 
> No, that is not correct. When responding negatively, the authoritative server 
> uses the negative caching TTL (the Minimum field) as the TTL of the SOA 
> record in the authority section.
> 
> Chris
> 
> ------------------------------
> 
> Message: 2
> Date: Mon, 31 Aug 2015 22:36:30 +0800
> From: liumingxing <liumingx...@cnnic.cn>
> To: bind-users <bind-users@lists.isc.org>
> Subject: How does named log update request
> Message-ID: <2015083122362973447...@cnnic.cn>
> Content-Type: text/plain; charset="gb2312"
> 
> hi,
>     In my server, I found update need longer time, So I want to check why by 
> checking logs.
>   As we know, named Logging of all dynamic update transactions. In the update 
> channel file, how I can know when the server receives update request?
> 
> 
> 
> 
> 
> 
> Mingxing, Liu
>  
> mail?liumingx...@cnnic.cn
> tel??010?58812467
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: 
> <https://lists.isc.org/pipermail/bind-users/attachments/20150831/a9041efe/attachment-0001.html>
> 
> ------------------------------
> 
> Message: 3
> Date: Mon, 31 Aug 2015 10:23:54 -0500
> From: Rich Goodson <rgood...@gronkulator.com>
> To: Harshith Mulky <harshith.mu...@outlook.com>
> Cc: "bind-users@lists.isc.org" <bind-users@lists.isc.org>
> Subject: Re: DNS Negative Caching
> Message-ID: <a997d9bc-0788-4e98-a35a-59194c2f0...@gronkulator.com>
> Content-Type: text/plain; charset="windows-1252"
> 
> I have a feeling that the discussion regarding SOA fields didn?t really 
> answer your question, Harshith.
> 
> Yes, negative results (NXDOMAIN) are usually cached for the amount of time 
> specified in the last field of the SOA. This field was originally named 
> ?Minimum?, but is since used for NXDOMAIN TTL.
> 
> The default amount of time that NXDOMAIN answers will be cached on iterative 
> resolvers for the zone shown below is 3 hours.  
> 
> In your lwresd config file, however, you have man-ncache-ttl defined as 300 
> seconds.  I have not used lwresd much, but I know it supports BIND style 
> config files, so I assume that  lwresd will override the value sent by the 
> authoritative server and only cache NXDOMAIN answers for your zone for 5 
> minutes, just like BIND would do, given that same config directive.
> 
> You can test this behavior by doing ?dig? commands against your lightweight 
> resolver to see what TTL it has cached for a particular zone or RR.
> 
> ?Rich
> 
> > On Aug 25, 2015, at 5:46 AM, Harshith Mulky <harshith.mu...@outlook.com> 
> > wrote:
> > 
> > I have a confusion on how the clients respond to and cache when 
> > particularly we receive negative replies from a DNS Server, particularly 
> > NXDOMAIN or SERVFAIL responses
> > 
> > on the DNS Zone file we have these records
> > $ORIGIN e164.arpa.
> > @   IN     SOA  picardvm2.e164.arpa. e164-contacts.e164.arpa.  (
> >                                 2002022404 ; serial
> >                                 3H ; refresh
> >                                 15 ; retry
> >                                 1w ; expire
> >                                 3h ; minimum
> >                                )
> > 
> > so 3h is basically the amount of time clients are asked to cache negative 
> > results.
> > 
> > Now on the client side at lwresd.conf, if I have 
> > 
> > max-ncache-ttl 300
> > 
> > Will the client override the default 3h value sent as response from the DNS 
> > Sever for the zone e164.arpa
> > 
> > 
> > How are Negative responses usually cached?
> > 
> > Thanks
> > Harshith
> > _______________________________________________
> > Please visit https://lists.isc.org/mailman/listinfo/bind-users 
> > <https://lists.isc.org/mailman/listinfo/bind-users> to unsubscribe from 
> > this list
> > 
> > bind-users mailing list
> > bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
> > https://lists.isc.org/mailman/listinfo/bind-users 
> > <https://lists.isc.org/mailman/listinfo/bind-users>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: 
> <https://lists.isc.org/pipermail/bind-users/attachments/20150831/a2e2c4ef/attachment-0001.html>
> 
> ------------------------------
> 
> Message: 4
> Date: Tue, 1 Sep 2015 11:19:27 +0100
> From: Tony Finch <d...@dotat.at>
> To: Evan Hunt <e...@isc.org>
> Cc: "bind-users@lists.isc.org" <bind-users@lists.isc.org>
> Subject: Re: DNSSEC ZSK rollover
> Message-ID: <alpine.lsu.2.00.1509011108040....@hermes-2.csi.cam.ac.uk>
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> 
> Evan Hunt <e...@isc.org> wrote:
> >
> > It is intentional; it spreads out the work of resigning over a longer
> > period of time to reduce the load on the server. (And a lot of people
> > prefer smaller IXFRs anyway.)
> 
> We have tweaked sig-signing-nodes and sig-signing-signatures to make
> incremental signing work in larger chunks. We also have a wee patch (by
> Chris Thompson) which makes the re-signing jitter more clumpy, so RRsets
> are re-signed if their scheduled time is within 5 minutes of the current
> time instead of 5 seconds. This patch might be an answer to a comment in
> this code which says:
> 
>               /* XXXMPA increase number of RRsets signed pre call */
> 
> https://git.csx.cam.ac.uk/x/ucs/ipreg/bind9.git/commitdiff/2eba83e63a8206d32e12f9f6b763fcdf63294b52
> 
> Tony.
> -- 
> f.anthony.n.finch  <d...@dotat.at>  http://dotat.at/
> Viking, North Utsire: Easterly 4 or 5, increasing 6 at times. Slight or
> moderate, but rough in southwest Viking. Showers later. Good, occasionally
> poor later.
> 
> 
> ------------------------------
> 
> Message: 5
> Date: Tue, 1 Sep 2015 11:34:46 +0100
> From: Tony Finch <d...@dotat.at>
> To: liumingxing <liumingx...@cnnic.cn>
> Cc: bind-users <bind-users@lists.isc.org>
> Subject: Re: How does named log update request
> Message-ID: <alpine.lsu.2.00.1509011128450....@hermes-2.csi.cam.ac.uk>
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> 
> liumingxing <liumingx...@cnnic.cn> wrote:
> 
> >   As we know, named Logging of all dynamic update transactions. In the
> > update channel file, how I can know when the server receives update
> > request?
> 
> Only at debug level 3, for example:
> 
> 2015-09-01.11:25:55.851 client: debug 3: client 127.0.0.1#60986/key 
> local-ddns: view auth: update
> 
> Other preliminary update checks are at debug level 8, e.g.:
> 
> 2015-09-01.11:32:32.162 update: debug 8: client 127.0.0.1#60986/key 
> local-ddns: view auth: updating zone 'dotat.at/IN': update section prescan OK
> 
> Tony.
> -- 
> f.anthony.n.finch  <d...@dotat.at>  http://dotat.at/
> Viking, North Utsire: Easterly 4 or 5, increasing 6 at times. Slight or
> moderate, but rough in southwest Viking. Showers later. Good, occasionally
> poor later.
> 
> 
> ------------------------------
> 
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> 
> End of bind-users Digest, Vol 2189, Issue 1
> *******************************************
                                          
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to