> Caching Nameserver, Problems setting up an RPM-based nameser
RandySparks
post Jun 29 2004, 02:44 PM
Post #1





For various reasons I've set up a caching nameserver. This is based on Bind - I'm using Fedora Core 1 so used the RPMs for Bind and caching-nameserver (with a regular yum update to avoid security worries).

It works very well - dig proves that my nameserver is looking up addresses itself. Because the DNS service supplied by our ISP can be slow at times, I've switched myself and several colleagues over to this nameserver.

The trouble is the speed at which the cached DNS addresses seem to expire. For example, I can "dig" google.com and get a wait for around 500ms (as my nameserver queries the top level DNSes). If I do it again, I get a wait of around 3ms (obviously based on the cached results).

Great! The trouble is that this expires really quickly - if I try to "dig" google.com again ten minutes later, it does the initial look-up again, taking around 500ms. Then I'm back to 3ms etc.

I read somewhere that the top level DNSes control how long a record will stay cached, but surely it can stay cached for longer than 10 minutes? Is there any way to override the timeout (the TTL, I'd guess)? I'd like to set a day for every DNS record which gets cached.

Also, where exactly is the cache stored? Is it in memory or as a database file on the hard disk?

Thanking you in advance for any help.
hughesjr
post Jun 29 2004, 09:19 PM
Post #2





You can set the time you cache items by editing the file:

/var/named/named.local and editing the line:

86400 ) ; Minimum

That is 24 hours default on my caching name server ... and probably on yours as well. So, your server will cache all info for 24 hours for outside zones....BUT -----

BUT remember that the primary domain controller for a zone controls the minimum refresh rate for that zone ... so yahoo.com controls their minimum refresh rate. Your caching server will do 24 hours or the minimum they specify ... whichever is less.

It just so happens that yahoo.com specifies 600 seconds as minimum time ... so 600 seconds it is.

Here is how to see the time specified for a zone ... use this command:

nslookup -sil

now you are in the nslookup prompt ... issue the command:

set type=soa

now issue the command:

yahoo.com

the result should be:

CODE
yahoo.com
       origin = ns1.yahoo.com
       mail addr = hostmaster.yahoo-inc.com
       serial = 2004062922
       refresh = 900
       retry = 300
       expire = 604800
       minimum = 600

Authoritative answers can be found from:
ns1.yahoo.com   internet address = 66.218.71.63


SO, no matter what you do, your name server will requery yahoo.com every 600 seconds...(and since retry is 300 seconds ... the server will retry every 300 seconds).

now type the command:

abc123.com

the result:
CODE
Non-authoritative answer:
abc123.com
       origin = dns37.register.com
       mail addr = root.register.com
       serial = 200103273
       refresh = 10800
       retry = 86400
       expire = 604800
       minimum = 3600

Authoritative answers can be found from:
dns37.register.com      internet address = 216.21.234.89


SO your server would query that record every 3600 seconds (1 hour)...since the retry is 86400, it will retry every 3600 seconds (the minimum of the 2).

The controller of the domain sets the minimum refresh time for their domain ... I don't think you can override it.
------------------------
The cache is initially stored in memory, but can also be written to disk in /var/named .

-----------------------
Also .. in the dig command, the second column is how long till that record will be looked up again ... so do:

dig www.yahoo.com

the answer section says:

CODE
;; ANSWER SECTION:
www.yahoo.com. 300 IN CNAME www.yahoo.akadns.net.
www.yahoo.akadns.net. 46 IN A 216.109.117.107
www.yahoo.akadns.net. 46 IN A 216.109.117.207
www.yahoo.akadns.net. 46 IN A 216.109.117.108
www.yahoo.akadns.net. 46 IN A 216.109.118.71
www.yahoo.akadns.net. 46 IN A 216.109.118.72
www.yahoo.akadns.net. 46 IN A 216.109.118.66
www.yahoo.akadns.net. 46 IN A 216.109.118.69
www.yahoo.akadns.net. 46 IN A 216.109.117.109

SO ... yahoo.com will be 300 seconds ...

you will query YOUR name server (from your machine) every 60 seconds ... and your DNS will retry every 300 seconds to the yahoo.com server.

------------------
see this reference:

http://ldp.hughesjr.com/HOWTO/DNS-HOWTO-3.html


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
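
Added example, not part of either post: a shell/awk sketch that reads a dig ANSWER section like the one quoted above, follows the CNAME chain from the queried name, and reports the smallest TTL along it, which is how long the complete answer can still be served from cache. The function names `effective_ttl` and `sample_answer` are illustrative, and the sample input is abridged from the output in the post.

```shell
#!/bin/sh
# Added example (not from the thread). On a live system:
#   dig +noall +answer www.yahoo.com | effective_ttl www.yahoo.com

# effective_ttl NAME: read ANSWER-section lines on stdin, walk the CNAME
# chain starting at NAME, print the lowest TTL seen on the way to an A record.
effective_ttl() {
    awk -v q="$1" '
        /^;/ || NF < 5 { next }                  # skip comments and blank lines
        {
            owner = tolower($1); ttl = $2 + 0; type = $4
            # records of one owner/type share a TTL; keep the lowest to be safe
            if (!((owner, type) in seen) || ttl < seen[owner, type])
                seen[owner, type] = ttl
            if (type == "CNAME") target[owner] = tolower($5)
        }
        END {
            name = tolower(q); if (name !~ /\.$/) name = name "."
            min = -1
            for (hops = 0; hops < 16; hops++) {  # bounded walk, so loops end
                if ((name, "CNAME") in seen) {
                    t = seen[name, "CNAME"]; nxt = target[name]
                } else if ((name, "A") in seen) {
                    t = seen[name, "A"]; nxt = ""
                } else break
                if (min < 0 || t < min) min = t
                if (nxt == "") { print min; exit 0 }
                name = nxt
            }
            exit 1                               # chain never reached an A record
        }'
}

# Sample input: abridged from the dig output quoted in the post above.
sample_answer() {
    cat <<'EOF'
;; ANSWER SECTION:
www.yahoo.com. 300 IN CNAME www.yahoo.akadns.net.
www.yahoo.akadns.net. 46 IN A 216.109.117.107
www.yahoo.akadns.net. 46 IN A 216.109.117.207
EOF
}

sample_answer | effective_ttl www.yahoo.com   # prints 46
```

When dig is pointed at a caching server, the TTL column counts down between queries, so running this repeatedly shows the remaining lifetime shrinking until the record is fetched again.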