[dns-operations] negative caching weirdness
Robert Edmonds
edmonds at mycre.ws
Fri Apr 22 19:36:04 UTC 2016
Robert Edmonds wrote:
> Matthew Pounsett wrote:
> > On 22 April 2016 at 15:01, Daniel Stirnimann <daniel.stirnimann at switch.ch>
> > wrote:
> >
> > > > Now, the only strange result left is if I look up the name using my
> > > > local resolver which returns 10800.
> > > >
> > > > Your local recursive server will give you the cache TTL, which is the
> > > > amount of time remaining on the TTL, not the TTLs original value.
> > >
> > > I don't think this is the case. I get the same result if I flush the cache.
> > >
> >
> > Is it possible your recursive server implements a max TTL configuration
> > value that is set to 10800?
> >
> > I'm curious what recursive server you're using, if the TTL it reports
> > doesn't decrement as time passes.
>
> Probably BIND, where the default 'max-ncache-ttl' setting is 10800. The
> Unbound equivalent is 'cache-max-negative-ttl' and its default is 3600.
Also, there was a nice presentation of this topic in Amsterdam.
https://indico.dns-oarc.net/event/21/contribution/4/material/slides/0.pdf
--
Robert Edmonds
More information about the dns-operations
mailing list