Re: reload but the old value linger
On 21.11.20 00:18, Boylan, Ross wrote: My fix for the DNS lookup problems I reported a few days ago, based on help here, seems to mostly work. But there is one oddity. When the tunnel goes down I comment out the special handling for the zone I reach through the tunnel and reload the server. But my DNS queries return the same internal IP number I got before, at least for awhile. Since I can't reach the remote machine anyway, this is probably a pretty minor problem, but I'd like to understand what's going on and how I might fix it. My theory is that reloading (via rndc reload) does not clear the cache, and that my queries just get the cached value until they expire. Is that plausible? yes. If that is the problem, would rndc flushtree ucsf.edu inside remove the no longer valid values from the cache? ucsf.edu is the domain for which I forward, and it is accessible from the "inside" view. yes. - ucsf.conf.tunnel zone "ucsf.edu" { type forward; forwarders {10.10.10.10;}; }; The nameserver doesn't resolve records that are in the cache and still valid. This section is thus used only when it has to resolve under ucsf.edu something that is not in cache. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #9: Out of error messages. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
reload but the old value linger
My fix for the DNS lookup problems I reported a few days ago, based on help here, seems to mostly work. But there is one oddity. When the tunnel goes down I comment out the special handling for the zone I reach through the tunnel and reload the server. But my DNS queries return the same internal IP number I got before, at least for awhile. Since I can't reach the remote machine anyway, this is probably a pretty minor problem, but I'd like to understand what's going on and how I might fix it. My theory is that reloading (via rndc reload) does not clear the cache, and that my queries just get the cached value until they expire. Is that plausible? If that is the problem, would rndc flushtree ucsf.edu inside remove the no longer valid values from the cache? ucsf.edu is the domain for which I forward, and it is accessible from the "inside" view. Details: My main bind configuration includes view "inside" { match-clients { internals; }; recursion yes; // next is only active when vpn tunnel is up //when tunnel goes down it is commented out include "/etc/bind/ucsf.conf.tunnel"; // allow dhcp to update me include "/etc/bind/rndc.key"; include "/etc/bind/named.conf.default-zones"; zone "1.168.192.in-addr.arpa" { # stuff } # and a forward zone }; lwres { view "inside"; search { "betterworld.us";}; }; And the sometimes included file is - ucsf.conf.tunnel zone "ucsf.edu" { type forward; forwarders {10.10.10.10;}; }; ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users