RE: DNS Cache - Bind
if your not running with -4 you will get this, unless you have IPv6 configured of course... Ted -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jack Barnett Sent: Tuesday, May 15, 2007 7:46 PM To: freeBSD Subject: DNS Cache - Bind I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. It doesn't have any zones, it's just a local DNS that has a bunch of forwarders. The first request is slow (between 150 and 300 ms) - but after that (the next query on same domain) is fast (less then 10 ms usually). This is nice and working the way I like it. :) What I'm wondering though is: a) How do I flush the cache if I need to (ie. need to get a new update from the forwards) - just restart named? b) Are there any settings I can tweak that determine how long the cache is kept? (ie. Say I want to keep all queries for 7 days before they are queried from the upstream DNS servers). [This will probably screw up dynamic DNS sites, but want to see what settings are available] c) Is there a easy way to 'blacklist' sites? Say I want 'SpammerNetwork.com' to resolve to 127.0.0.1. Basically I want to take this host file: http://www.mvps.org/winhelp2002/hosts.htm and then pump it into my DNS server, that way all the LAN clients are protected from these sites. Is there a way to do that? -J ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DNS Cache - Bind
Jack Barnett wrote: I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. It doesn't have any zones, it's just a local DNS that has a bunch of forwarders. The first request is slow (between 150 and 300 ms) - but after that (the next query on same domain) is fast (less then 10 ms usually). This is nice and working the way I like it. :) What I'm wondering though is: a) How do I flush the cache if I need to (ie. need to get a new update from the forwards) - just restart named? # man rndc # rndc flush b) Are there any settings I can tweak that determine how long the cache is kept? (ie. Say I want to keep all queries for 7 days before they are queried from the upstream DNS servers). [This will probably screw up dynamic DNS sites, but want to see what settings are available] # man named.conf But this is what you're after: max-cache-ttl integer; www.isc.org has a lot more (detailed) info. c) Is there a easy way to 'blacklist' sites? Say I want 'SpammerNetwork.com' to resolve to 127.0.0.1. This is a great start: http://www.cymru.com/Documents/secure-bind-template.html Basically I want to take this host file: http://www.mvps.org/winhelp2002/hosts.htm and then pump it into my DNS server, that way all the LAN clients are protected from these sites. Is there a way to do that? Regards, Mikhail. -- Mikhail Goriachev Webanoide Telephone: +61 (0)3 62252501 Mobile Phone: +61 (0)4 38255158 E-Mail: [EMAIL PROTECTED] Web: www.webanoide.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
DNS Cache - Bind
I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. It doesn't have any zones, it's just a local DNS that has a bunch of forwarders. The first request is slow (between 150 and 300 ms) - but after that (the next query on same domain) is fast (less then 10 ms usually). This is nice and working the way I like it. :) What I'm wondering though is: a) How do I flush the cache if I need to (ie. need to get a new update from the forwards) - just restart named? b) Are there any settings I can tweak that determine how long the cache is kept? (ie. Say I want to keep all queries for 7 days before they are queried from the upstream DNS servers). [This will probably screw up dynamic DNS sites, but want to see what settings are available] c) Is there a easy way to 'blacklist' sites? Say I want 'SpammerNetwork.com' to resolve to 127.0.0.1. Basically I want to take this host file: http://www.mvps.org/winhelp2002/hosts.htm and then pump it into my DNS server, that way all the LAN clients are protected from these sites. Is there a way to do that? -J ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
