caching dns appears to not cache.

Post by joseph Phili » Fri, 08 Feb 2002 05:39:49



    I'm running an old version of bind, 8.something. I've set it up to do
caching as stated in the DNS howto. The named.conf is as follows:

// Config file for a caching only name server.

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
listen-on { 10.0.0.1; 127.0.0.1; };
allow-query {
     10.0.0.0/8;
     127.0.0.1;

};

        // query-source address * port 53;
        forward first;
        forwarders {
           ISP.DNS.ONE.ONE;
           ISP.DNS.ONE.TWO;
        };

};

//
// a caching only nameserver config
//
zone "." {
        type hint;
        file "root.hints";

};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

However, I see DNS requests going to our ISP and coming back at all times.
Computer 1 pings google.com. named does the resolve dance (which I am
watching with tcpdump) and sends the reply to computer 1.

computer 2 pings google.com. named does the resolve dance and sends the
reply to computer 2.

Shouldn't named just reply to computer 2 with the cached ip's ??

joseph

 
 
 


Post by David Efflan » Fri, 08 Feb 2002 11:02:33



>     I'm running  an old version of bind, 8. something. I've set it up to do
> caching as stated in the DNS howto . the named.conf is as follows:

> // Config file for a caching only name server.

> options {
>         directory "/var/named";
>         /*
>          * If there is a firewall between you and nameservers you want
>          * to talk to, you might need to uncomment the query-source
>          * directive below.  Previous versions of BIND always asked
>          * questions using port 53, but BIND 8.1 uses an unprivileged
>          * port by default.
>          */
> listen-on { 10.0.0.1; 127.0.0.1; };
> allow-query {
>      10.0.0.0/8;
>      127.0.0.1;
> };

>         // query-source address * port 53;
>         forward first;
>         forwarders {
>            ISP.DNS.ONE.ONE;
>            ISP.DNS.ONE.TWO;
>         };
> };

> //
> // a caching only nameserver config
> //
> zone "." {
>         type hint;
>         file "root.hints";
> };

> zone "0.0.127.in-addr.arpa" {
>         type master;
>         file "pz/127.0.0";
> };
> However, I see dns requests going to our isp and coming back at all times.
> computer 1 pings google.com . named does the resolve dance (which I am
> watching with tcpdump) and sends the reply to computer 1.

> computer 2 pings google.com. named does the resolve dance and sends the
> reply to computer 2.

> Shouldn't named just reply to computer 2 with the cached ip's ??

Unfortunately I do not have 'man named.conf' on this bind 9 system.
Maybe 'forward first;' does exactly what it says, forwards first to your
ISP's nameserver(s).  Try commenting that out.  Then I think it will only
fall back to forwarders if NOT in your cache or local zones.

--
David Efflandt - All spam is ignored - http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

 
 
 


Post by joseph phili » Fri, 08 Feb 2002 12:30:40






>>     I'm running  an old version of bind, 8. something. I've set it up
>>     to do
>> caching as stated in the DNS howto . the named.conf is as follows:

>> // Config file for a caching only name server.

>> options {
>>         directory "/var/named";
>>         /*
>>          * If there is a firewall between you and nameservers you want
>>          * to talk to, you might need to uncomment the query-source
>>          * directive below.  Previous versions of BIND always asked
>>          * questions using port 53, but BIND 8.1 uses an unprivileged
>>          * port by default.
>>          */
>> listen-on { 10.0.0.1; 127.0.0.1; };
>> allow-query {
>>      10.0.0.0/8;
>>      127.0.0.1;
>> };

>>         // query-source address * port 53;
>>         forward first;
>>         forwarders {
>>            ISP.DNS.ONE.ONE;
>>            ISP.DNS.ONE.TWO;
>>         };
>> };

>> //
>> // a caching only nameserver config
>> //
>> zone "." {
>>         type hint;
>>         file "root.hints";
>> };

>> zone "0.0.127.in-addr.arpa" {
>>         type master;
>>         file "pz/127.0.0";
>> };
>> However, I see dns requests going to our isp and coming back at all
>> times. computer 1 pings google.com . named does the resolve dance
>> (which I am watching with tcpdump) and sends the reply to computer 1.

>> computer 2 pings google.com. named does the resolve dance and sends the
>> reply to computer 2.

>> Shouldn't named just reply to computer 2 with the cached ip's ??

> Unfortunately I do not have 'man named.conf' on this bind 9 system.
> Maybe 'forward first;' does exactly what it says, forwards first to your
> ISP's nameserver(s).  Try commenting that out.  Then I think it will
> only fall back to forwarders if NOT in your cache or local zones.

Roger that, however the doc says that forward first is the default.
"forward only" means to forward to the IPs listed only.  I take it that
that means it will give up if those computers say they don't know a host
name...

I'll experiment a bit more.

 
 
 


Post by Villy Kru » Fri, 08 Feb 2002 22:00:22


On Wed, 06 Feb 2002 22:30:40 -0500,

>Roger that, however the doc says that forward first is the default.
>"forward only" means to forward to the ip's listed only.  i take it that
>that means it will give up if those computers say they don't know a host
>name...

>I'll experiment a bit more.

Try to dump the DNS cache using "killall -2 named".  Then look at
/var/named/named_dump.db

A lot of names have very short time to live, less than an hour, and
that would make the caching name server less efficient.

Villy
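
Added example, not part of the original posts and not BIND code: a small model of a TTL-honouring cache that replays a constructed query timeline and shows which lookups must go upstream. The addresses, TTL values, the name short.example and the timeline are constructed for illustration; a client served from cache sees a TTL that has counted down, while an expired or short-lived record triggers a new upstream query.

```python
from dataclasses import dataclass

@dataclass
class Entry:
    address: str
    expires_at: int  # absolute time in seconds after which the record is stale

class CachingResolver:
    """Toy resolver: answers from cache until the record's TTL runs out."""
    def __init__(self, upstream):
        self.upstream = upstream      # name -> (address, ttl); stands in for the forwarders
        self.cache = {}
        self.upstream_queries = 0

    def resolve(self, name, now):
        """Return (address, ttl_sent_to_client, source) for a query at time `now`."""
        key = name.lower().rstrip(".")          # DNS names compare case-insensitively
        entry = self.cache.get(key)
        if entry and now < entry.expires_at:
            # Cache hit: the client receives the remaining TTL, not the original one.
            return entry.address, entry.expires_at - now, "cache"
        address, ttl = self.upstream[key]        # miss or expired: ask upstream
        self.upstream_queries += 1
        if ttl > 0:                              # a TTL of 0 must not be cached
            self.cache[key] = Entry(address, now + ttl)
        return address, ttl, "upstream"

def replay(timeline, upstream):
    """Run (time, client, name) queries in order; return result rows and upstream count."""
    resolver = CachingResolver(upstream)
    rows = [(t, client, name) + resolver.resolve(name, t) for t, client, name in timeline]
    return rows, resolver.upstream_queries

# Constructed sample data (documentation addresses, made-up TTLs).
UPSTREAM = {"google.com": ("192.0.2.10", 300), "short.example": ("192.0.2.20", 5)}
TIMELINE = [
    (0,   "computer1", "google.com"),     # first lookup: must go upstream
    (60,  "computer2", "google.com."),    # within TTL: served from cache
    (400, "computer1", "google.com"),     # TTL of 300 s has expired: upstream again
    (400, "computer1", "short.example"),  # 5 s TTL
    (410, "computer2", "short.example"),  # already expired 10 s later
]

if __name__ == "__main__":
    rows, misses = replay(TIMELINE, UPSTREAM)
    for row in rows:
        print(row)
    print("upstream queries:", misses)
```
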

 
 
 

1. Pragma "no-cache" and Cache-Control "no-cache"

Hi people. Maybe someone of you can help me !!!

I'm Gabriele from Italy.

We have just installed an Apache server 1.3.1 on a Linux 2.0.33
server. Our web site contains pages that are daily updated and so we
want the user not to cache them anyway. So far, the only way to escape
this problem has been to let these pages pass through a cgi-bin
script. By this way, pages don't get cached.

Before that we tried with META tags inside the document as Expires,
but it seemed not to work correctly. Now we set the server to put
Headers in specified Directories (the ones that contains pages we want
not to be cached) - we compiled apache with mod_headers. And so we put
this on access.conf:

<Directory /usr1/www_tmp/htdocs/tlm/mostre>
AllowOverride All
#  Cache-Control  - HTTP/1.1  Header (Explorer)
#  Pragma - HTTP/1.0 Header (Netscape)
Header set Cache-Control "no-cache"
Header set Pragma "no-cache"
#ExpiresActive On
#ExpiresByType text/html "now"
Options FollowSymLinks
</Directory>

I tried this: if we put the Pragma header before Cache-Control,
Explorer (which uses HTTP/1.1) ignores the last one. And Explorer does
the same if we insert any Expires header such as the ones mentioned above
(we must comment them out). Why? Netscape, instead, works well.

Do you have any suggestions? Is it correct for you, or not? Should I
use  other headers or anything else?

And how can I prevent proxies from caching these daily updated
pages?

Thank you everybody who'll pay attention to my message.

Ciao
Gabriele
