Re: DNS Negative Caching

2015-08-31 Thread Rich Goodson 
I have a feeling that the discussion regarding SOA fields didn’t really answer 
your question, Harshith.

Yes, negative results (NXDOMAIN) are usually cached for the amount of time 
specified in the last field of the SOA. This field was originally named 
“Minimum”, but is since used for NXDOMAIN TTL.

The default amount of time that NXDOMAIN answers will be cached on iterative 
resolvers for the zone shown below is 3 hours.  

In your lwresd config file, however, you have man-ncache-ttl defined as 300 
seconds.  I have not used lwresd much, but I know it supports BIND style config 
files, so I assume that  lwresd will override the value sent by the 
authoritative server and only cache NXDOMAIN answers for your zone for 5 
minutes, just like BIND would do, given that same config directive.

You can test this behavior by doing ‘dig’ commands against your lightweight 
resolver to see what TTL it has cached for a particular zone or RR.

—Rich

> On Aug 25, 2015, at 5:46 AM, Harshith Mulky  
> wrote:
> 
> I have a confusion on how the clients respond to and cache when particularly 
> we receive negative replies from a DNS Server, particularly NXDOMAIN or 
> SERVFAIL responses
> 
> on the DNS Zone file we have these records
> $ORIGIN e164.arpa.
> @   IN SOA  picardvm2.e164.arpa. e164-contacts.e164.arpa.  (
> 2002022404 ; serial
> 3H ; refresh
> 15 ; retry
> 1w ; expire
> 3h ; minimum
>)
> 
> so 3h is basically the amount of time clients are asked to cache negative 
> results.
> 
> Now on the client side at lwresd.conf, if I have 
> 
> max-ncache-ttl 300
> 
> Will the client override the default 3h value sent as response from the DNS 
> Sever for the zone e164.arpa
> 
> 
> How are Negative responses usually cached?
> 
> Thanks
> Harshith
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users 
>  to unsubscribe from this 
> list
> 
> bind-users mailing list
> bind-users@lists.isc.org 
> https://lists.isc.org/mailman/listinfo/bind-users 
> 
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

How does named log update request

2015-08-31 Thread liumingxing 
hi,
In my server, I found update need longer time, So I want to check why by 
checking logs.
  As we know, named Logging of all dynamic update transactions. In the update 
channel file, how I can know when the server receives update request?






Mingxing, Liu
 
mail:liumingx...@cnnic.cn
tel:(010)58812467
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: DNS Negative Caching

2015-08-31 Thread Chris Buxton 
On Aug 28, 2015, at 5:27 PM, Barry Margolin  wrote:

> Note that if a server is authoritative-only, caching is mostly 
> irrelevant, so the negative cache TTL doesn't much apply. In this case, 
> the SOA Minimum is just being used as the default TTL.

No, that is not correct. When responding negatively, the authoritative server 
uses the negative caching TTL (the Minimum field) as the TTL of the SOA record 
in the authority section.

Chris
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users