Dear Paul, Thanks a lot for your hints. I've got it.
Regards 2015-02-24 2:18 GMT+08:00 <[email protected]>: > On Mon, 23 Feb 2015, Hongyi Zhao wrote: > > Hi all, >> >> Currently, I use the latest release of unbound 1.5.2 compilled by myself >> on the Debian wheezy. I configured the unbound by some using >> some forward-zone sections in its unbound.conf file, and let it listen >> on the local 1052 port to listen on for queries. >> >> Now, I want to use the unbound-control tool to do some tests, say, >> cleaning some type of record in the cache, say, the A record, by >> using the following command: >> >> $ sudo unbound-control -c /home/werner/software/anti- >> gfw/anti-DNS-cache-poisoning/final-methods/unbound.conf flush A >> > > You are flushing the domain name "A". > > I think you mean > > sudo unbound-control -c /home/werner/software/anti- > gfw/anti-DNS-cache-poisoning/final-methods/unbound.conf flush youtube.com > > If you want to flush only specific types like A records, use flush_type > > Paul > > > > > >> But I failed to clean the cache, please see following for detail: >> >> -------------- begin test ------------------------------ >> werner@debian:~$ dig -p1052 youtube.com >> >> ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p1052 youtube.com >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20966 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 >> >> ;; QUESTION SECTION: >> ;youtube.com. IN A >> >> ;; ANSWER SECTION: >> youtube.com. 3600 IN A 173.194.127.40 >> youtube.com. 3600 IN A 173.194.127.38 >> youtube.com. 3600 IN A 173.194.127.41 >> youtube.com. 3600 IN A 173.194.127.35 >> youtube.com. 3600 IN A 173.194.127.39 >> youtube.com. 3600 IN A 173.194.127.46 >> youtube.com. 3600 IN A 173.194.127.37 >> youtube.com. 3600 IN A 173.194.127.32 >> youtube.com. 3600 IN A 173.194.127.34 >> youtube.com. 3600 IN A 173.194.127.36 >> youtube.com. 3600 IN A 173.194.127.33 >> >> ;; Query time: 715 msec >> ;; SERVER: 127.0.0.1#1052(127.0.0.1) >> ;; WHEN: Mon Feb 23 10:33:41 2015 >> ;; MSG SIZE rcvd: 205 >> >> werner@debian:~$ sudo unbound-control -c /home/werner/software/anti- >> gfw/anti-DNS-cache-poisoning/final-methods/unbound.conf flush A >> ok >> werner@debian:~$ dig -p1052 youtube.com >> ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -p1052 youtube.com >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22618 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0 >> >> ;; QUESTION SECTION: >> ;youtube.com. IN A >> >> ;; ANSWER SECTION: >> youtube.com. 3584 IN A 173.194.127.40 >> youtube.com. 3584 IN A 173.194.127.38 >> youtube.com. 3584 IN A 173.194.127.41 >> youtube.com. 3584 IN A 173.194.127.35 >> youtube.com. 3584 IN A 173.194.127.39 >> youtube.com. 3584 IN A 173.194.127.46 >> youtube.com. 3584 IN A 173.194.127.37 >> youtube.com. 3584 IN A 173.194.127.32 >> youtube.com. 3584 IN A 173.194.127.34 >> youtube.com. 3584 IN A 173.194.127.36 >> youtube.com. 3584 IN A 173.194.127.33 >> >> ;; Query time: 0 msec >> ;; SERVER: 127.0.0.1#1052(127.0.0.1) >> ;; WHEN: Mon Feb 23 10:33:57 2015 >> ;; MSG SIZE rcvd: 205 >> -------------- end test ------------------------------ >> >> As you can see, after I've done the flush operation on the A record, >> the 2nd dig command still can fetech the cached A records -- "the >> Query time: 0 msec" of the 2nd run of dig should tell this. >> >> Why does this happen? Could someone please give me some hints? >> >> Regards >> -- >> Hongyi Zhao <[email protected]> >> Xinjiang Technical Institute of Physics and Chemistry >> Chinese Academy of Sciences >> GnuPG DSA: 0xD108493 >> >> -- Hongyi Zhao <[email protected]> Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
