Hi all, Currently, I use the latest release of unbound 1.5.2 compilled by myself on the Debian wheezy. I configured the unbound by some using some forward-zone sections in its unbound.conf file, and let it listen on the local 1052 port to listen on for queries.
Now, I want to use the unbound-control tool to do some tests, say, cleaning some type of record in the cache, say, the A record, by using the following command: $ sudo unbound-control -c /home/werner/software/anti-gfw/anti-DNS-cache-poisoning/final-methods/unbound.conf flush A But I failed to clean the cache, please see following for detail: -------------- begin test ------------------------------ werner@debian:~$ dig -p1052 youtube.com ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p1052 youtube.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20966 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;youtube.com. IN A ;; ANSWER SECTION: youtube.com. 3600 IN A 173.194.127.40 youtube.com. 3600 IN A 173.194.127.38 youtube.com. 3600 IN A 173.194.127.41 youtube.com. 3600 IN A 173.194.127.35 youtube.com. 3600 IN A 173.194.127.39 youtube.com. 3600 IN A 173.194.127.46 youtube.com. 3600 IN A 173.194.127.37 youtube.com. 3600 IN A 173.194.127.32 youtube.com. 3600 IN A 173.194.127.34 youtube.com. 3600 IN A 173.194.127.36 youtube.com. 3600 IN A 173.194.127.33 ;; Query time: 715 msec ;; SERVER: 127.0.0.1#1052(127.0.0.1) ;; WHEN: Mon Feb 23 10:33:41 2015 ;; MSG SIZE rcvd: 205 werner@debian:~$ sudo unbound-control -c /home/werner/software/anti-gfw/anti-DNS-cache-poisoning/final-methods/unbound.conf flush A ok werner@debian:~$ dig -p1052 youtube.com ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p1052 youtube.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22618 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;youtube.com. IN A ;; ANSWER SECTION: youtube.com. 3584 IN A 173.194.127.40 youtube.com. 3584 IN A 173.194.127.38 youtube.com. 3584 IN A 173.194.127.41 youtube.com. 3584 IN A 173.194.127.35 youtube.com. 3584 IN A 173.194.127.39 youtube.com. 3584 IN A 173.194.127.46 youtube.com. 3584 IN A 173.194.127.37 youtube.com. 3584 IN A 173.194.127.32 youtube.com. 3584 IN A 173.194.127.34 youtube.com. 3584 IN A 173.194.127.36 youtube.com. 3584 IN A 173.194.127.33 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#1052(127.0.0.1) ;; WHEN: Mon Feb 23 10:33:57 2015 ;; MSG SIZE rcvd: 205 -------------- end test ------------------------------ As you can see, after I've done the flush operation on the A record, the 2nd dig command still can fetech the cached A records -- "the Query time: 0 msec" of the 2nd run of dig should tell this. Why does this happen? Could someone please give me some hints? Regards -- Hongyi Zhao <[email protected]> Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
