Views & cache
Kevin Darcy
kcd at daimlerchrysler.com
Tue Jul 13 23:41:41 UTC 2004
Ladislav Vobr wrote:
>Does each view have it's own cache for non-authoritative data as well? I
>was troubleshooting some problem, and it seemed to me, there are
>separate caches for recursive requests.
>
>for example: client in the view A resolves cnn.com (rd,ra flags), it
>will be cached just for view A clients, and client in the view B
>requesting cnn.com (ra,rd flags) has to refetch it again, ignoring the
>"view A cache"?.
>
Yeah, they have to be separate. They might represent totally different
DNS universes. To give a concrete example, some folks have wildcard A
records in an internal root zone, because they want to force all
name-based Internet access through a particular box/device. If a DNS
universe like that happened to be in a view shared by a regular Internet
caching-server view, and cache entries spanned views, then cache entries
for something like cnn.com would essentially "override" the wildcard
entry, defeating the whole purpose.
Remember that "view"s are an evolution of the old "run multiple
nameserver instances listening on different interfaces" methodology. The
caches were separate in that case. If you want the same cache entries
available to multiple communities of clients, then you shouldn't be
using "view"s in the first place; instead you should be differentiating
the communities in terms of allow-query or allow-recursion.
- Kevin
More information about the bind-users
mailing list