Hi, Thank you for the information and clarification. Although I would still like to have a separate ttl for negative caching regardless of what is set for min-cache-ttl, maybe a note on the man page to note this behavior for the community. Thanks!
On Wed, Sep 21, 2022 at 7:45 AM Simon Kelley <si...@thekelleys.org.uk> wrote: > > > On 20/09/2022 23:54, Glenn Fowler wrote: > > Hi, > > > > I am caching positive responses for 40 minutes (min-cache-ttl), but want > > negative responses cached for only 1 minute. If the forward zone server > > is down momentarily, all of the queries during that time could result in > > an erroneous negative response that gets cached for 40 minutes and > > unreachable during that time instead of the desired 1 minute. > > This is not the case: you need to distinguish between a reply which > says "this domain/RR does not exist" and no response or an error from > the server. The later is never cached. If the forward zone server is > down it can't answer and so can't put anything in the cache. > > > > > With neg-ttl working as expected, a retry after the 1 minute mark would > > result in a positive response. > > See above, in this case there will be error responses until the upstream > server recovers. > > > > > In general, negative responses shouldn't have a high TTL. > > neg-ttl is only a fall-back should a negative response not contain TTL > information, so making it override min-cache-ttl won't affect the normal > case where negative repliues have an SOA record which specifies the TTL. > > There might be an argument for not making min-cache-ttl apply to > negative caching, but I'm not sure that makes sense. min-cache-ttl is a > dangerous option which comes with caveats anyway, if it breaks stuff, > just switch it off. > > Simon. > > > > > On Tue, Sep 20, 2022 at 4:59 PM Geert Stappers via Dnsmasq-discuss > > <dnsmasq-discuss@lists.thekelleys.org.uk > > <mailto:dnsmasq-discuss@lists.thekelleys.org.uk>> wrote: > > > > On Tue, Sep 20, 2022 at 10:41:29AM -0400, Glenn Fowler wrote: > > > Hello, > > > > > > I have observed that if min-cache-ttl time is greater than > > neg-ttl time, > > > then the neg-ttl time is ignored and negative responses are > > cached at the > > > min-cache-ttl time. > > > > > > The expected behavior should be that neg-ttl is independent of > > > min-cache-ttl. > > > > What are the negative effects of it? (a.k.a. With which priority > needs > > it further attention?) > > > > > > > In searching I did find that unbound had the exact same issue: > > > https://github.com/NLnetLabs/unbound/issues/533 > > <https://github.com/NLnetLabs/unbound/issues/533> > > > > > > I am on v2.86 on OpenWrt > > > > > > Thank you > > > > Thanks for what? > > > > > > Groeten > > Geert Stappers > > -- > > Silence is hard to parse > > > > _______________________________________________ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > <mailto:Dnsmasq-discuss@lists.thekelleys.org.uk> > > > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > > < > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss> > > > > > > _______________________________________________ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss >
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
