DNS Negative Caching

Kevin Oberman rkoberman at gmail.com
Thu Aug 27 07:06:59 UTC 2015


On Tue, Aug 25, 2015 at 12:50 AM, Reindl Harald <h.reindl at thelounge.net>
wrote:

>
>
> On 25.08.2015 at 12:46, Harshith Mulky wrote:
>
>> I have a confusion on how the clients respond to and cache when
>> particularly we receive negative replies from a DNS Server, particularly
>> NXDOMAIN or SERVFAIL responses
>>
>> on the DNS Zone file we have these records
>> $ORIGIN e164.arpa.
>> @   IN     SOA  picardvm2.e164.arpa. e164-contacts.e164.arpa.  (
>>                                  2002022404 ; serial
>>                                  3H ; refresh
>>                                  15 ; retry
>>                                  1w ; expire
>>                                  3h ; minimum
>>                                 )
>>
>> so 3h is basically the amount of time clients are asked to cache
>> negative results.
>>
>> Now on the client side at lwresd.conf, if I have
>>
>> max-ncache-ttl 300
>>
>> Will the client override the default 3h value sent as response from the
>> DNS Server for the zone e164.arpa
>>
>
> yes, that's the purpose of this setting
>
>> How are Negative responses usually cached?
>>
>
> by TTL, while in case of a SERVFAIL I am not sure if it gets cached
>

Only authoritative negative responses are cached. SERVFAILs are never
authoritative, by definition.
--
Kevin Oberman, Network Engineer, Retired
E-mail: rkoberman at gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
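
Added example (not part of the original thread, and not BIND or lwresd code): a small Python model of the negative-cache lifetime discussed above, following RFC 2308, where the zone-supplied value is the smaller of the SOA record's own TTL and its MINIMUM field, and the resolver then applies its max-ncache-ttl cap. The function names and the SOA record TTL of 3h are assumptions; the thread only shows the MINIMUM field.

```python
import re

# Seconds per BIND TTL unit suffix; a bare number means seconds.
_UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}


def parse_ttl(text):
    """Convert a BIND-style TTL such as '3H', '1w', '1h30m' or '15' to seconds."""
    text = text.strip().lower()
    parts = re.findall(r"(\d+)([smhdw]?)", text)
    # Reject anything the pattern did not consume completely (e.g. '3x').
    if not parts or "".join(n + u for n, u in parts) != text:
        raise ValueError(f"bad TTL: {text!r}")
    return sum(int(n) * _UNITS[u] for n, u in parts)


def negative_cache_ttl(kind, soa, max_ncache_ttl):
    """Seconds a negative answer is kept via the SOA-based (RFC 2308) path.

    kind: 'NXDOMAIN', 'NODATA' or another response type such as 'SERVFAIL'.
    soa:  None, or a dict with 'ttl' (TTL of the SOA record returned in the
          authority section) and 'minimum' (last SOA field), as TTL strings.
    Returns None when this path does not apply.
    """
    if kind not in ("NXDOMAIN", "NODATA"):
        return None  # e.g. SERVFAIL: no authoritative SOA to take a TTL from
    if soa is None:
        return None  # negative answer without an SOA carries no usable TTL
    zone_ttl = min(parse_ttl(soa["ttl"]), parse_ttl(soa["minimum"]))
    return min(zone_ttl, max_ncache_ttl)  # resolver-side cap wins if smaller


if __name__ == "__main__":
    # Constructed input: MINIMUM is the 3h from the zone file in the thread;
    # the SOA record TTL of 3h is an assumption.
    soa = {"ttl": "3h", "minimum": "3h"}
    print(negative_cache_ttl("NXDOMAIN", soa, 300))
    print(negative_cache_ttl("NXDOMAIN", soa, parse_ttl("1d")))
    print(negative_cache_ttl("SERVFAIL", None, 300))
```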