On 2015-10-25 09:20, Stephane Bortzmeyer via Unbound-users wrote:
> On Sun, Oct 25, 2015 at 12:59:23AM -0700,
> Dave Warren via Unbound-users <[email protected]> wrote
> a message of 58 lines which said:
>
> > Unbound has a "cache-max-negative-ttl", but no minimum is listed at
> > https://unbound.net/documentation/unbound.conf.html
>
> I disagree, there is:
>
>     cache-min-ttl: <seconds>
>         Time to live minimum for RRsets and messages in the cache.
>         Default is 0. If the minimum kicks in, the data is
>         cached for ...
>
> Note that, unlike cache-max-ttl, it is a violation of the protocol
> and, if you use it, horrible things may happen.

Doesn't this control minimum TTLs on all queries, not just negative
results?
At least in the context of a mail server, over-caching negative results
will only cause a small amount of pain whereas over-caching positive
results may cause real deliverability problems.
If this instance of Unbound only handles DNSBL traffic and nothing else,
then it's possibly not-too-dangerous, at least if the minimum is kept
reasonable. A handful of minutes, perhaps?
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren