Bind-8.2.3-REL: negative cache TTL of 3 hours ? [long]
Daniel Roesen
droesen at entire-systems.com
Wed Apr 18 00:16:08 UTC 2001
On Fri, Apr 13, 2001 at 12:03:04PM +0000, Pierre Wendling wrote:
> What is surprising is the 10800 TTL (3 hours) !!! I looked in the
> Cricket book and it says (page 35): "TTL for negatively cached data
> isn't tunable by the domain admin; it's harcoded to 10 minutes"
This is outdated. RFC 2308 describes using the MINIMUM TTL value of
the SOA as negative caching TTL.
> 169.16.172.in-addr.arpa. 2h55m36s IN SOA romeo.an.sopra. root.romeo.an.sopra. (
> 0 ; serial
> 8H ; refresh
> 2H ; retry
> 1W ; expiry
> 12H ) ; minimum
Your zone specifies 12 hours negative caching TTL.
> I don't have any clue about where this 3 hours TTL is coming from ...
This is because of BIND limiting the maximum negative caching TTL
to 3 hours, even if you have defined 12H in the SOA.
from http://www.isc.org/products/BIND/docs/config/options.html:
max-ncache-ttl
To reduce network traffic and increase performance the server
stores negative answers. max-ncache-ttl is used to set a maximum
retention time for these answers in the server is seconds. The
default max-ncache-ttl is 10800 seconds (3 hours). max-ncache-ttl
cannot exceed the maximum retention time for ordinary (positive)
answers (7 days) and will be silently truncated to 7 days if set
to a value which is greater that 7 days.
and discussion on why limiting, from RFC 2308:
As with caching positive responses it is sensible for a resolver to
limit for how long it will cache a negative response as the protocol
supports caching for up to 68 years. Such a limit should not be
greater than that applied to positive answers and preferably be
tunable. Values of one to three hours have been found to work well
and would make sensible a default. Values exceeding one day have
been found to be problematic.
Best regards,
Daniel
--
----------------------------------------------------------------------
entire systems GmbH | droesen at entire-systems.com
Internet Services | Phone: +49 2624 9550-55
Ferbachstrasse 12 | Fax: +49 2624 9550-20
D-56203 Hoehr-Grenzhausen | http://www.entire-systems.com/
----------------------------------------------------------------------
More information about the bind-users
mailing list