Thanks a lot, got it. H. Zhao
Regards 2015-02-23 16:50 GMT+08:00 W.C.A. Wijngaards <[email protected]>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hi Hongyi, > > On 23/02/15 03:49, Hongyi Zhao wrote: > > Hi all, > > > > Currently, I use the latest release of unbound 1.5.2 compilled by > > myself on the Debian wheezy. I configured the unbound by some > > using some forward-zone sections in its unbound.conf file, and let > > it listen on the local 1052 port to listen on for queries. > > > > Now, I want to use the unbound-control tool to do some tests, say, > > cleaning some type of record in the cache, say, the A record, by > > using the following command: > > > > $ sudo unbound-control -c > > > /home/werner/software/anti-gfw/anti-DNS-cache-poisoning/final-methods/unbound.conf > > > > > flush A > > You flush here the domain-name "A". The command expects a domain > name, so like: flush example.com removes the example.com A record. > > Best regards, > Wouter > > > But I failed to clean the cache, please see following for detail: > > > > -------------- begin test ------------------------------ > > werner@debian:~$ dig -p1052 youtube.com <http://youtube.com> > > > > ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p1052 youtube.com > > <http://youtube.com> ;; global options: +cmd ;; Got answer: ;; > > ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20966 ;; flags: qr > > rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 > > > > ;; QUESTION SECTION: ;youtube.com <http://youtube.com>. > > IN A > > > > ;; ANSWER SECTION: youtube.com <http://youtube.com>. 3600 > > IN A 173.194.127.40 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.38 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.41 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.35 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.39 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.46 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.37 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.32 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.34 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.36 youtube.com <http://youtube.com>. > > 3600 IN A 173.194.127.33 > > > > ;; Query time: 715 msec ;; SERVER: 127.0.0.1#1052(127.0.0.1) ;; > > WHEN: Mon Feb 23 10:33:41 2015 ;; MSG SIZE rcvd: 205 > > > > werner@debian:~$ sudo unbound-control -c > > > /home/werner/software/anti-gfw/anti-DNS-cache-poisoning/final-methods/unbound.conf > > > > > flush A > > ok werner@debian:~$ dig -p1052 youtube.com <http://youtube.com> ; > > <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p1052 youtube.com > > <http://youtube.com> ;; global options: +cmd ;; Got answer: ;; > > ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22618 ;; flags: qr > > rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 > > > > ;; QUESTION SECTION: ;youtube.com <http://youtube.com>. > > IN A > > > > ;; ANSWER SECTION: youtube.com <http://youtube.com>. 3584 > > IN A 173.194.127.40 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.38 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.41 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.35 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.39 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.46 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.37 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.32 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.34 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.36 youtube.com <http://youtube.com>. > > 3584 IN A 173.194.127.33 > > > > ;; Query time: 0 msec ;; SERVER: 127.0.0.1#1052(127.0.0.1) ;; WHEN: > > Mon Feb 23 10:33:57 2015 ;; MSG SIZE rcvd: 205 -------------- end > > test ------------------------------ > > > > As you can see, after I've done the flush operation on the A > > record, the 2nd dig command still can fetech the cached A records > > -- "the Query time: 0 msec" of the 2nd run of dig should tell > > this. > > > > Why does this happen? Could someone please give me some hints? > > > > Regards -- Hongyi Zhao <[email protected] > > <mailto:[email protected]>> Xinjiang Technical Institute of > > Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: > > 0xD108493 > > > > > > _______________________________________________ Unbound-users > > mailing list [email protected] > > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQIcBAEBCAAGBQJU6unLAAoJEJ9vHC1+BF+NjBwP/i250ZVWggolI/h+T0HvbZ9z > wSrBVqwaUndkRCvR+orRJft93gP/4UxERAH4OLuSri1hysVZrb8z4U8whttJrmzA > hoZM+z2OEtpHdWYWKJPdDDrztiQ9pLRdjvaYFplzoyNrKAVCsFju2WX+atglrMKH > du6+AP0T0PtaKW27fjna8kwnz2Rm/i04GB3Qj0vTdIz/g4r68s4l9Eeh5K1cf47M > vZGq7TCuc50kpFy9VdqKKXv65bYPCz2OG+Kv6b0LF3JgfbozE8+h5yANDIgTTUXL > 1yNeKPkHDV+pOrpM/ZPoX4IM4YusQ1U8lqUQ1jbIMkeSnwvCGCmlnGb5D6h12C09 > xXx/nIY0SiaHQZFqsaYhoa9ixThs2HpIcu+2LOpyW/aoJykDNP1GzNPoBRQTbPy+ > ap2KQnivvWUaYTe9tK0aaYNXRfOyOXQHAjXuQIjU/rgKlcX+4fjYyIORzfFVdGfz > uoqdbcflnEeeWQ8xF2SS7fq4PWDy8jMMGhOMpXoLIlFnDVc8IGGYaQfu9zvLuBhj > tgvLBEtIxJ/xq7I5lgduQXVwKVICT3/1n5ev4N4eBBhNRCgBYQsjPrFepQFJocms > xs7yj3O9w/trOxOgYso0LVOVeonu6x5zV4qZpE8RUPCekohcXfFfvZ83oFAfRXbx > 68HQCK0vFtvB+bO6u4B9 > =fRai > -----END PGP SIGNATURE----- > _______________________________________________ > Unbound-users mailing list > [email protected] > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users > -- Hongyi Zhao <[email protected]> Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
