Negative caching
Cricket Liu
cricket at acmebw.com
Tue Aug 31 23:09:38 UTC 1999
Robert T. Clift <rclift at nswc.navy.mil> wrote in message
news:<9908311037.ZM1201 at mailsrvx>...
> I've been having a problem with one of our remote sites and name
resolution. We
> use tcp_wrappers to control telnet access and it requires a correct dns
lookup
> before completing the connection, if the site for some reason is
unresolvable
> it seems to stay unresolvable for an hour or more not allowing access. If
I
> restart the named service(8.1.2) it works fine. I read where the default
cache
> is set to one hour. Should I lower this value? Thanks,
With BIND 8.1.2, you can't change the negative caching TTL. It's ten
minutes, hardcoded. With BIND 8.2+, the name server uses the seventh SOA
RDATA field as the negative caching TTL, per RFC 2308, and you can cap that
using max-ncache-ttl, as in:
options {
max-ncache-ttl 2; // Two minutes
};
Still, I wonder if that's really the problem you're seeing.
cricket
Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com
Attend our next DNS and BIND class! See
www.acmebw.com/training.htm for the
schedule and to register for upcoming
classes.
More information about the bind-users
mailing list