On 08-22-2021 1:49 pm, Viktor Dukhovni wrote:
Cached data is used until it *expires*. When a cache hit is *found*
it is immediately used to determine the address status. If however,
the refresh timer has expired, a new probe is sent to try to bring
the cache up to date.
The key difference from the corresponding refresh and expire timers in
the DNS SOA RR, is that a refresh is not automatically generated unless
there is a query for the address in question. Addreses not seen in
actual traffic expire from the cache without refresh attempts.
So another way to look at it...
address_verify_positive_refresh_time
Is when the cached data becomes stale and any mail event after this
time would cause another address query to refresh the cached data.
address_verify_positive_expire_time
Is just house keeping, to purge / prune the database to keep the size
manageable.
Do i understand this right? And what is the downside to having it expire
right after its refresh time? Such as refresh=3h and expire=4h.
