Another DNS product I've looked at has two options relative to max cache time... A time for Positive responses, and a different time for Negative responses.

We are looking for this because on our local domain, sometimes servers unregister in Active Directory DNS upon reboot. This just happened today with one of our servers. After the reboot, it was no longer in DNS. Since Unbound forwards our local domains to our AD DNS servers, it didn't give us a response for this DNS name.

I manually ran ipconfig /registerdns on the server once we determined what had happened and within a few minutes, it was resolving again in AD, but some 10 minutes later it was still returning no address when we queried our test Unbound server. Finally, I recycled Unbound, and then queried it for this name, and it returned the expected IP.

I'm not 100% sure what happened, but it looks like Unbound queried the AD DNS servers and cached a negative response for this hostname. It looks like Unbound then kept this cached information until I restarted Unbound.

Ideally, we'd like to have a "negative cache ttl" set to 60 or 120 seconds, so when a host unregisters itself, then re-registers, Unbound would pick up on the re-registration fairly quickly, instead of caching the negative response... (Assuming this is what happened above)

Am I requesting a new feature? Or is there an existing setting that does this that I've overlooked?

Thanks,
Paul
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
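
The behaviour the post suspects, as an added example that is not part of the original message and is not Unbound's code: a toy forwarding cache in Python that keeps a negative answer for the TTL derived from the zone's SOA record (RFC 2308), replayed with and without a cap on negative TTLs. The `max_negative_ttl` parameter, the host name, the address and all TTL values are constructed assumptions.

```python
"""Constructed model of a forwarding resolver's cache; not Unbound code."""


class ForwarderCache:
    def __init__(self, upstream, max_negative_ttl=None):
        self.upstream = upstream                  # callable: name -> answer dict
        self.max_negative_ttl = max_negative_ttl  # hypothetical cap, in seconds
        self.entries = {}                         # name -> (expires_at, address or None)

    def resolve(self, name, now):
        hit = self.entries.get(name)
        if hit and now < hit[0]:
            return hit[1]                         # served from cache, possibly negative
        answer = self.upstream(name)
        if answer["address"] is not None:
            ttl = answer["ttl"]
        else:
            # RFC 2308: negative TTL = min(TTL of the SOA record, SOA MINIMUM field)
            ttl = min(answer["soa_ttl"], answer["soa_minimum"])
            if self.max_negative_ttl is not None:
                ttl = min(ttl, self.max_negative_ttl)
        self.entries[name] = (now + ttl, answer["address"])
        return answer["address"]


def simulate(max_negative_ttl):
    """Replay the timeline from the post; return what a client sees at each query."""
    zone = {}  # constructed stand-in for the AD DNS zone

    def ad_dns(name):
        if name in zone:
            return {"address": zone[name], "ttl": 1200}
        # Constructed SOA values: one hour for both the SOA TTL and MINIMUM
        return {"address": None, "soa_ttl": 3600, "soa_minimum": 3600}

    cache = ForwarderCache(ad_dns, max_negative_ttl)
    name = "server1.corp.example"                 # constructed host name
    seen = [cache.resolve(name, now=0)]           # queried while unregistered
    zone[name] = "10.0.0.25"                      # host re-registers in AD DNS
    seen.append(cache.resolve(name, now=120))     # 2 minutes later
    seen.append(cache.resolve(name, now=600))     # 10 minutes later
    seen.append(cache.resolve(name, now=3601))    # after the SOA-derived TTL
    return seen


if __name__ == "__main__":
    print("no cap:", simulate(None))
    print("cap 60:", simulate(60))
```

Without a cap the negative entry outlives the re-registration for the full SOA-derived TTL; with a 60-second cap the second query already goes back upstream and gets the address.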
