Weird Occurrence

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Mon Mar 1 20:39:19 UTC 2004


tnaves at linkwest.net wrote:



> On Wed, 25 Feb 2004 phn at icke-reklam.ipsec.nu wrote:

>> tnaves at linkwest.net wrote:
>> > I have set up two dns servers on Redhat using BIND 9.  My network is
>> > behind a firewall.  I have a named.cache file.  When a name cannot be
>> > resolved from the local database, it uses the hints file to go to the
>> > root servers and the name is resolved.
>> 
>> > A strange thing happened day before yesterday.  Suddenly I could not
>> > resolve some names e.g., google.com, while other names e.g., hp.com
>> > would resolve just fine.  Then, after an hour or so, everything started
>> > working again.  The ttl on my servers is set to 86400 as is the negative
>> > caching ttl.
>> 
>> > Could this have been due to caching some bad names?  Is there a way to
>> > see what is in cache?
>> 
>> rndc dumpdb will show your cache.
>> 
>> 
>> Posting your named.conf would give better hints ...
>> 
>> What you have set up as TTL has nothing to do with caching from other
>> servers, it will only affect the zones you are authoritative for.

> What controls the ttl on records in my cache that it has gotten from other
> servers?  Also, thanks for the tip on dumping the database.  I noticed
> that it contains only names that are from other servers, none from mine.
> A lot of them are glue records, is that normal?

TTL on RR received is set by the zone-owner at the authoritative server.
The best a caching server can do is to obey these.

The ratio of glue-records vs authoritative records is probably dependent
on actual usage, I have no figures of this.



-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.
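
As an added example (not part of the original thread and not code from BIND): a small Python parser for the text file that `rndc dumpdb` writes, counting cached records by trust level (glue, answer, ...) and listing negative-cache entries together with the TTLs handed out by the remote zone. The sample dump is constructed, and the layout of the trust comments and the `\-ANY` negative marker is assumed from BIND 9 style dumps.

```python
import re
from collections import Counter

# Constructed sample in the style of a BIND 9 cache dump; not data from the thread.
SAMPLE_DUMP = (
    "$DATE 20040301203919\n"
    "; glue\n"
    "example.com.\t\t172800\tIN NS\tns1.example.com.\n"
    "; glue\n"
    "ns1.example.com.\t172800\tA\t192.0.2.53\n"
    "; authanswer\n"
    "www.example.com.\t300\tA\t192.0.2.10\n"
    "\t\t\t300\tA\t192.0.2.11\n"
    "; answer\n"
    "missing.example.net.\t10800\t\\-ANY\t;-$NXDOMAIN\n"
)

# Trust-level comments that precede each rdataset in the dump (assumed set).
TRUST = re.compile(r"^;\s*(glue|additional|answer|authanswer|authauthority|"
                   r"pending-answer|pending-additional|secure)\s*$")

def parse_cache_dump(text):
    """Return one dict per cached record: owner, ttl, type, trust, negative."""
    records, trust, owner = [], "unknown", None
    for line in text.splitlines():
        m = TRUST.match(line)
        if m:
            trust = m.group(1)
            continue
        if not line.strip() or line.startswith((";", "$")):
            continue
        fields = line.split()
        if not line[0].isspace():       # continuation lines omit the owner name
            owner = fields.pop(0)
        if len(fields) < 2 or not fields[0].isdigit():
            continue                    # not a record line we understand
        ttl = int(fields.pop(0))
        if fields[0] == "IN":
            fields.pop(0)
        rtype = fields[0]
        records.append({"owner": owner, "ttl": ttl, "type": rtype, "trust": trust,
                        "negative": rtype.startswith("\\-")})  # e.g. \-ANY = NXDOMAIN
    return records

def summarize(records):
    """Count records per trust level and list negative-cache entries."""
    by_trust = Counter(r["trust"] for r in records)
    negative = [(r["owner"], r["ttl"]) for r in records if r["negative"]]
    return by_trust, negative
```

Run `summarize(parse_cache_dump(open(path).read()))` on the dump file; a name that resolves elsewhere but appears in the negative list with a long TTL is a candidate for the kind of temporary failure described in the question.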

