Negative caching SERVFAIL responses
Arjun Nair
Is there a way to turn on negative caching for SERVFAIL responses? RFC 2308 (DNS NCACHE) allows you to cache SERVFAIL responses for up to 5 mins.
Thanks,
Arjun
Peter Dambier
I did it and Im glad it is nolonger automatically done.
When I had a break in connectivity for a couple of minutes,
my resolver replied NXDOMAIN for everything and it would
not heal itself for more that an hour.
It would not work again until I stopped and restarted the
nameserver. When that happened more than once day I was
glad somebody told me how to switch it off with bind 8.
"auth-nxdomain yes" will cache permanently domains that were
missing once.
Kind regards
Peter
--
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: pe...@peter-dambier.de
http://www.peter-dambier.de/
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
Arjun Nair
> Hi Arjun,
>
> I did it and Im glad it is nolonger automatically done.
>
> When I had a break in connectivity for a couple of minutes,
> my resolver replied NXDOMAIN for everything and it would
> not heal itself for more that an hour.
>
> It would not work again until I stopped and restarted the
> nameserver. When that happened more than once day I was
> glad somebody told me how to switch it off with bind 8.
>
> "auth-nxdomain yes" will cache permanently domains that were
> missing once.
>
You make a good point though, caching SERVFAIL responses will lead to undesired behavior when there is a break in connectivity.
Thanks,
Arjun