validating ... bad cache hit
Tony Finch
dot at dotat.at
Fri Apr 24 13:14:31 UTC 2020
Havard Eidnes via bind-users <bind-users at lists.isc.org> wrote:
>
> Looking at the code in BIND 9.14.10 (BIND 9.16.2 doesn't appear to be
> significantly different in this regard), there appears to be a "cache
> of bad records" implemented by lib/dns/badcache.c. There are two
> invocations of dns_resolver_addbadcache() in lib/dns/resolver.c, with
> fairly complicated preconditions to reach each of those two points.
I've had a very quick look at the code, and it looks to me like one case
is due to lack of authoritative server IP addresses, and one is due to
validation failure. I think you could work out whether it is the first
case by dumping the cache and looking for relevant adb entries for the
zone's nameservers. (But you might have to do so within the 10 minute lame
TTL.)
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Shetland Isles: Northeast 3 to 5, becoming variable 3 or less. Slight or
moderate. Fair. Good.
More information about the bind-users
mailing list