Darrin Chandler wrote: > On Wed, Oct 24, 2007 at 11:46:34PM -0400, Brian wrote: >> Make sure you have restarted Firefox after making changes to >> /etc/resolv.conf. Specifically, the application-level DNS cache will >> contain old data if you have not restarted it. This bit me for 3 >> minutes straight after needing to redirect an address. > > I dislike Firefox's caching behavior. My nameservers cache just fine and > they are speedy enough by themselves. Firefox's cache is just another > level of expirations to go through. So I disable it completely. Here's > the cross-platform method, if you should wish to do so: > > In about:config, two new integer entried: > network.dnsCacheExpiration -> 0 > network.dnsCacheEntries -> 0
DNS caching in browsers is (was) meant to provide 'DNS pinning' in order to prevent malicious sites from bypassing browser 'same domain' policy when accessing other/internal servers. Since there are several ways to bypass this protection [1] perhaps it is not that critical to disable it. It is good to be aware of the implications though. Can [1] http://crypto.stanford.edu/dns/
