Weird Occurance
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Mon Mar 1 20:39:19 UTC 2004
tnaves at linkwest.net wrote:
> On Wed, 25 Feb 2004 phn at icke-reklam.ipsec.nu wrote:
>> tnaves at linkwest.net wrote:
>> > I have set up two dns servers on Redhat using BIND 9. My network is
>> > behind a firewall. I have a named.cache file. When a name cannot be
>> > resolved from the local database, it uses the hints file to go to th ro=
>> ot
>> > servers and the name is resolved.
>>
>> > A strange thing happened day before yesterday. Suddenly I could not
>> > resolve some names e.g., google.com, while other names e.g., hp.com wol=
>> d
>> > resolve just find. Then, after an hour or so, everything started worki=
>> ng
>> > again. The ttl on my servers is set to 86400 as is the negative cachin=
>> g
>> > ttl.
>>
>> > Could this have been due to caching some bad names? Is there a way to =
>> see
>> > what is in cache?
>>
>> rndc dumpdb will show your cache.
>>
>>
>> Posting your named.conf would give better hints ...
>>
>> What you have set up as TTL has nothing to do with caching from other ser=
>> vers,
>> it will only affect the zones you are auhtorative for.
> What controls the ttl on records in my cache that it has gotten from other
> servers. Also, thanks for the tip on dumping the data base. I noticed
> that it contains only names that are from other servers, none from mine.
> A lot of them are glue records, is that normal?
TTL on RR received is set by the zone-owner at the authorative server.
The best a caching server can do is to obey these.
The ratio of glue-records vs authorative records is probably dependent
on actual usage, i have no figures of this.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list