auth-nxdomain yes
Mark Andrews
marka at isc.org
Mon Nov 16 05:39:02 UTC 2015
In message <1927990884.5538420.1447651533589.JavaMail.yahoo at mail.yahoo.com>, Go
rdon Freeman writes:
> >> I'm hoping the answer is yes, so that once an NXDOMAIN response is
> >> received by the name server, it will not forward repeated queries for
> >> that same name, at least for as long as the negative cache TTL.Â
> >
> > Named does that by default. Not all authoritative sources however
> > provide a cachable negative answer.
>
> But that's not what I'm seeing. If a client sends 100 queries for a
> non-existent name to its nearest name server, all of them are forwarded
> on up. What I want is for the name server to cache those NXDOMAIN
> answers so even if a client is slamming my DNS, my server is not in turn
> hammering those name servers upstream.
I suggest that you closely re-examine the query stream and the
answer stream because named both consolidates multiple queries and
caches negative answers.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list