RE: DNS Cache - Bind
if your not running with -4 you will get this, unless you have IPv6 configured of course... Ted > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Jack Barnett > Sent: Tuesday, May 15, 2007 7:46 PM > To: freeBSD > Subject: DNS Cache - Bind > > > I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. > > It doesn't have any zones, it's just a local DNS that has a bunch > of forwarders. > > The first request is slow (between 150 and 300 ms) - but after that > (the next query on same domain) is fast (less then 10 ms usually). > This is nice and working the way I like it. :) > > What I'm wondering though is: > > a) How do I flush the cache if I need to (ie. need to get a new update > from the forwards) - just restart named? > > b) Are there any settings I can tweak that determine how long the > cache is kept? (ie. Say I want to keep all queries for 7 days before > they are queried from the upstream DNS servers). [This will probably > screw up dynamic DNS sites, but want to see what settings are > available] > > c) Is there a easy way to 'blacklist' sites? Say I want > 'SpammerNetwork.com' to resolve to 127.0.0.1. > > Basically I want to take this host file: > http://www.mvps.org/winhelp2002/hosts.htm > and then pump it into my DNS server, that way all the LAN clients are > "protected" from these sites. > Is there a way to do that? > > > -J > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DNS Cache - Bind
Jack Barnett wrote: > I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. > > It doesn't have any zones, it's just a local DNS that has a bunch of > forwarders. > > The first request is slow (between 150 and 300 ms) - but after that > (the next query on same domain) is fast (less then 10 ms usually). > This is nice and working the way I like it. :) > > What I'm wondering though is: > > a) How do I flush the cache if I need to (ie. need to get a new update > from the forwards) - just restart named? # man rndc # rndc flush > b) Are there any settings I can tweak that determine how long the > cache is kept? (ie. Say I want to keep all queries for 7 days before > they are queried from the upstream DNS servers). [This will probably > screw up dynamic DNS sites, but want to see what settings are > available] # man named.conf But this is what you're after: max-cache-ttl integer; www.isc.org has a lot more (detailed) info. > c) Is there a easy way to 'blacklist' sites? Say I want > 'SpammerNetwork.com' to resolve to 127.0.0.1. This is a great start: http://www.cymru.com/Documents/secure-bind-template.html > Basically I want to take this host file: > http://www.mvps.org/winhelp2002/hosts.htm > and then pump it into my DNS server, that way all the LAN clients are > "protected" from these sites. > Is there a way to do that? Regards, Mikhail. -- Mikhail Goriachev Webanoide Telephone: +61 (0)3 62252501 Mobile Phone: +61 (0)4 38255158 E-Mail: [EMAIL PROTECTED] Web: www.webanoide.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
DNS Cache - Bind
I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. It doesn't have any zones, it's just a local DNS that has a bunch of forwarders. The first request is slow (between 150 and 300 ms) - but after that (the next query on same domain) is fast (less then 10 ms usually). This is nice and working the way I like it. :) What I'm wondering though is: a) How do I flush the cache if I need to (ie. need to get a new update from the forwards) - just restart named? b) Are there any settings I can tweak that determine how long the cache is kept? (ie. Say I want to keep all queries for 7 days before they are queried from the upstream DNS servers). [This will probably screw up dynamic DNS sites, but want to see what settings are available] c) Is there a easy way to 'blacklist' sites? Say I want 'SpammerNetwork.com' to resolve to 127.0.0.1. Basically I want to take this host file: http://www.mvps.org/winhelp2002/hosts.htm and then pump it into my DNS server, that way all the LAN clients are "protected" from these sites. Is there a way to do that? -J ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"