I thank you all for providing me such valuable information on DNS Negative Caching I would have never thought that so many things would be Applied in deciding what would be cached
I once again thank each one of you and appreciate for the time and valuable feedback Cheers Harshith > From: bind-users-requ...@lists.isc.org > Subject: bind-users Digest, Vol 2189, Issue 1 > To: bind-users@lists.isc.org > Date: Tue, 1 Sep 2015 12:00:01 +0000 > > Send bind-users mailing list submissions to > bind-users@lists.isc.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.isc.org/mailman/listinfo/bind-users > or, via email, send a message with subject or body 'help' to > bind-users-requ...@lists.isc.org > > You can reach the person managing the list at > bind-users-ow...@lists.isc.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of bind-users digest..." > > > Today's Topics: > > 1. Re: DNS Negative Caching (Chris Buxton) > 2. How does named log update request (liumingxing) > 3. Re: DNS Negative Caching (Rich Goodson) > 4. Re: DNSSEC ZSK rollover (Tony Finch) > 5. Re: How does named log update request (Tony Finch) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 31 Aug 2015 07:19:33 -0700 > From: Chris Buxton <cli...@buxtonfamily.us> > To: Barry Margolin <bar...@alum.mit.edu> > Cc: comp-protocols-dns-b...@isc.org > Subject: Re: DNS Negative Caching > Message-ID: <9ca7db5c-6e06-4ec8-a216-16a926cba...@buxtonfamily.us> > Content-Type: text/plain; charset=us-ascii > > On Aug 28, 2015, at 5:27 PM, Barry Margolin <bar...@alum.mit.edu> wrote: > > > Note that if a server is authoritative-only, caching is mostly > > irrelevant, so the negative cache TTL doesn't much apply. In this case, > > the SOA Minimum is just being used as the default TTL. > > No, that is not correct. When responding negatively, the authoritative server > uses the negative caching TTL (the Minimum field) as the TTL of the SOA > record in the authority section. > > Chris > > ------------------------------ > > Message: 2 > Date: Mon, 31 Aug 2015 22:36:30 +0800 > From: liumingxing <liumingx...@cnnic.cn> > To: bind-users <bind-users@lists.isc.org> > Subject: How does named log update request > Message-ID: <2015083122362973447...@cnnic.cn> > Content-Type: text/plain; charset="gb2312" > > hi, > In my server, I found update need longer time, So I want to check why by > checking logs. > As we know, named Logging of all dynamic update transactions. In the update > channel file, how I can know when the server receives update request? > > > > > > > Mingxing, Liu > > mail?liumingx...@cnnic.cn > tel??010?58812467 > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <https://lists.isc.org/pipermail/bind-users/attachments/20150831/a9041efe/attachment-0001.html> > > ------------------------------ > > Message: 3 > Date: Mon, 31 Aug 2015 10:23:54 -0500 > From: Rich Goodson <rgood...@gronkulator.com> > To: Harshith Mulky <harshith.mu...@outlook.com> > Cc: "bind-users@lists.isc.org" <bind-users@lists.isc.org> > Subject: Re: DNS Negative Caching > Message-ID: <a997d9bc-0788-4e98-a35a-59194c2f0...@gronkulator.com> > Content-Type: text/plain; charset="windows-1252" > > I have a feeling that the discussion regarding SOA fields didn?t really > answer your question, Harshith. > > Yes, negative results (NXDOMAIN) are usually cached for the amount of time > specified in the last field of the SOA. This field was originally named > ?Minimum?, but is since used for NXDOMAIN TTL. > > The default amount of time that NXDOMAIN answers will be cached on iterative > resolvers for the zone shown below is 3 hours. > > In your lwresd config file, however, you have man-ncache-ttl defined as 300 > seconds. I have not used lwresd much, but I know it supports BIND style > config files, so I assume that lwresd will override the value sent by the > authoritative server and only cache NXDOMAIN answers for your zone for 5 > minutes, just like BIND would do, given that same config directive. > > You can test this behavior by doing ?dig? commands against your lightweight > resolver to see what TTL it has cached for a particular zone or RR. > > ?Rich > > > On Aug 25, 2015, at 5:46 AM, Harshith Mulky <harshith.mu...@outlook.com> > > wrote: > > > > I have a confusion on how the clients respond to and cache when > > particularly we receive negative replies from a DNS Server, particularly > > NXDOMAIN or SERVFAIL responses > > > > on the DNS Zone file we have these records > > $ORIGIN e164.arpa. > > @ IN SOA picardvm2.e164.arpa. e164-contacts.e164.arpa. ( > > 2002022404 ; serial > > 3H ; refresh > > 15 ; retry > > 1w ; expire > > 3h ; minimum > > ) > > > > so 3h is basically the amount of time clients are asked to cache negative > > results. > > > > Now on the client side at lwresd.conf, if I have > > > > max-ncache-ttl 300 > > > > Will the client override the default 3h value sent as response from the DNS > > Sever for the zone e164.arpa > > > > > > How are Negative responses usually cached? > > > > Thanks > > Harshith > > _______________________________________________ > > Please visit https://lists.isc.org/mailman/listinfo/bind-users > > <https://lists.isc.org/mailman/listinfo/bind-users> to unsubscribe from > > this list > > > > bind-users mailing list > > bind-users@lists.isc.org <mailto:bind-users@lists.isc.org> > > https://lists.isc.org/mailman/listinfo/bind-users > > <https://lists.isc.org/mailman/listinfo/bind-users> > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <https://lists.isc.org/pipermail/bind-users/attachments/20150831/a2e2c4ef/attachment-0001.html> > > ------------------------------ > > Message: 4 > Date: Tue, 1 Sep 2015 11:19:27 +0100 > From: Tony Finch <d...@dotat.at> > To: Evan Hunt <e...@isc.org> > Cc: "bind-users@lists.isc.org" <bind-users@lists.isc.org> > Subject: Re: DNSSEC ZSK rollover > Message-ID: <alpine.lsu.2.00.1509011108040....@hermes-2.csi.cam.ac.uk> > Content-Type: TEXT/PLAIN; charset=US-ASCII > > Evan Hunt <e...@isc.org> wrote: > > > > It is intentional; it spreads out the work of resigning over a longer > > period of time to reduce the load on the server. (And a lot of people > > prefer smaller IXFRs anyway.) > > We have tweaked sig-signing-nodes and sig-signing-signatures to make > incremental signing work in larger chunks. We also have a wee patch (by > Chris Thompson) which makes the re-signing jitter more clumpy, so RRsets > are re-signed if their scheduled time is within 5 minutes of the current > time instead of 5 seconds. This patch might be an answer to a comment in > this code which says: > > /* XXXMPA increase number of RRsets signed pre call */ > > https://git.csx.cam.ac.uk/x/ucs/ipreg/bind9.git/commitdiff/2eba83e63a8206d32e12f9f6b763fcdf63294b52 > > Tony. > -- > f.anthony.n.finch <d...@dotat.at> http://dotat.at/ > Viking, North Utsire: Easterly 4 or 5, increasing 6 at times. Slight or > moderate, but rough in southwest Viking. Showers later. Good, occasionally > poor later. > > > ------------------------------ > > Message: 5 > Date: Tue, 1 Sep 2015 11:34:46 +0100 > From: Tony Finch <d...@dotat.at> > To: liumingxing <liumingx...@cnnic.cn> > Cc: bind-users <bind-users@lists.isc.org> > Subject: Re: How does named log update request > Message-ID: <alpine.lsu.2.00.1509011128450....@hermes-2.csi.cam.ac.uk> > Content-Type: TEXT/PLAIN; charset=US-ASCII > > liumingxing <liumingx...@cnnic.cn> wrote: > > > As we know, named Logging of all dynamic update transactions. In the > > update channel file, how I can know when the server receives update > > request? > > Only at debug level 3, for example: > > 2015-09-01.11:25:55.851 client: debug 3: client 127.0.0.1#60986/key > local-ddns: view auth: update > > Other preliminary update checks are at debug level 8, e.g.: > > 2015-09-01.11:32:32.162 update: debug 8: client 127.0.0.1#60986/key > local-ddns: view auth: updating zone 'dotat.at/IN': update section prescan OK > > Tony. > -- > f.anthony.n.finch <d...@dotat.at> http://dotat.at/ > Viking, North Utsire: Easterly 4 or 5, increasing 6 at times. Slight or > moderate, but rough in southwest Viking. Showers later. Good, occasionally > poor later. > > > ------------------------------ > > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > End of bind-users Digest, Vol 2189, Issue 1 > *******************************************
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
