Brian Candler <[email protected]> writes: > Having added a name to the authoritative server, some clients querying > the *same* pdns recursor consistently saw the new name, but others > consistently saw NXDOMAIN! It was as if there were different views > for different clients. (Sample dig exchanges at end of mail).
While I don't have any insight in the actual recursor code, I have had similar experiences, and thought I'd share some thoughts. I always assumed it was the way the the recursor does threading (individual caches per thread?) that was the reason behind different replies to the same query from different hosts. I may very well be wrong there, of course. Let's talk shortcuts for resolving the issue when you're in a hurry: The one I generally use is "rec_control wipe-cache foo.ntnu.no". This will clear the name "foo.ntnu.no" from the cache, without dropping everything else. Call it the surgical alternative to restarting the recursor. It can take more than one FQDN, but note that it (last I checked) doesn't do what you probably want if you give it an IP-address, but you have to instead do "rec_control wipe-cache 67.56.241.129.in-addr.arpa" to wipe the reverse PTR record for 129.241.56.67. You also have the config options packetcache-ttl and max-negative-ttl. These take a number of seconds. I used to have packetcache-ttl=20 way back when the packetcache was new and wipe-cache only cleared the regular cache. (wipe-cache has wiped also the packet cache for years now). I hope some of this might be helpful for tuning the recursor to work in your environment. Thanks, Øystein _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
