Full Version: Caching Nameserver
For various reasons I've set up a caching nameserver. This is based on Bind - I'm using Fedora Core 1 so used the RPMs for Bind and caching-nameserver (with a regular yum update to avoid security worries).

It works very well - dig proves that my nameserver is looking up addresses itself. Because the DNS service supplied by our ISP can be slow at times, I've switched myself and several colleagues over to this nameserver.

The trouble is the speed at which the cached DNS addresses seem to expire. For example, I can "dig" and get a wait for around 500ms (as my nameserver queries the top level DNSes). If I do it again, I get a wait of around 3ms (obviously based on the cached results).

Great! The trouble is that this expires really quickly - if I try to "dig" again ten minutes later, it does the initial look-up again, taking around 500ms. Then I'm back to 3ms etc.

I read somewhere that the top level DNSes control how long a record will stay cached, but surely it can stay cached for longer than 10 minutes? Is there any way to override the timeout (the TTL, I'd guess)? I'd like to set a day for every DNS record which gets cached.

Also, where exactly is the cache stored? Is it in memory or as a database file on the hard disk?

Thanking you in advance for any help.
You can set the time you cache items by editing the file:

/var/named/named.local and editing the line:

86400 ) ; Minimum

That is 24 hours default on my caching name server ... and probably on yours as well. So, your server will cache all info for 24 hours for outside zones....BUT -----

BUT remember that the primary domain controller for a zone controls the minimum refresh rate for that zone ... so controls their minimum refresh rate. Your caching server will do 24 hours or the minimum they specify ... whichever is less.

It just so happens that specifies 600 seconds as minimum time ... so 600 seconds it is.

Here is how to see the time specified for a zone ... use this command:

nslookup -sil

now you are in the nslookup prompt ... issue the command:

set type=soa

now issue the command:

the result should be:

       origin =
       mail addr =
       serial = 2004062922
       refresh = 900
       retry = 300
       expire = 604800
       minimum = 600

Authoritative answers can be found from:   internet address =

SO, no matter what you do, your name server will requery at every 600 seconds...(and since retry is 300 seconds ... the server will retry every 300 seconds).

now type the command:

the result:
Non-authoritative answer:
       origin =
       mail addr =
       serial = 200103273
       refresh = 10800
       retry = 86400
       expire = 604800
       minimum = 3600

Authoritative answers can be found from:      internet address =

SO your server would query that record every 3600 seconds (1 hour)...since the retry is 86400, it will retry every 3600 seconds (the minimum of the 2).

The controller of the domain sets the minimum refresh time for their domain ... I don't think you can override it.
The cache is initially stored in memory, but can also be written to disk in /var/named .

Also .. in the dig command, the second column is how long till that record will be looked up again ... so do:


the answer section says:

;; ANSWER SECTION:
 300 IN CNAME
 46 IN A
 46 IN A
 46 IN A
 46 IN A
 46 IN A
 46 IN A
 46 IN A
 46 IN A

SO ... will be 300 seconds ...

you will query YOUR name server (from your machine) every 60 seconds ... and your DNS will retry every 300 seconds to the server.

see this reference:
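
Reading the TTL column of dig's answer section, as discussed in the thread above (an added example, not part of the original posts): the script parses an ANSWER section and reports how long the whole answer can still be served from cache. The host names and addresses are constructed, only the TTLs 300 and 46 come from the thread, and `max_cache_ttl` is a hypothetical parameter standing in for a resolver-side upper cap such as BIND's `max-cache-ttl` option.

```python
# Added example: names/addresses are constructed (example.com, 192.0.2.0/24);
# the TTLs 300 and 46 are the values quoted in the thread.
SAMPLE_DIG_ANSWER = """\
;; ANSWER SECTION:
www.example.com.     300 IN CNAME web.example.net.
web.example.net.     46  IN A     192.0.2.10
web.example.net.     46  IN A     192.0.2.11

;; AUTHORITY SECTION:
example.net.         3600 IN NS   ns1.example.net.
"""


def parse_answer(dig_output):
    """Return (name, ttl, rtype, rdata) tuples from the ANSWER section only."""
    records, in_answer = [], False
    for line in dig_output.splitlines():
        line = line.strip()
        if line.startswith(";;"):
            in_answer = line.startswith(";; ANSWER SECTION")
            continue
        if not in_answer or not line or line.startswith(";"):
            continue
        fields = line.split(None, 4)
        if len(fields) == 5 and fields[1].isdigit():
            name, ttl, _cls, rtype, rdata = fields
            records.append((name.lower(), int(ttl), rtype.upper(), rdata))
    return records


def cache_lifetime(records, qname, max_cache_ttl=None):
    """Seconds until the first record on qname's CNAME chain expires.

    max_cache_ttl models a resolver-side upper cap; it can only shorten.
    """
    name, ttls, seen = qname.lower(), [], set()
    while name not in seen:  # 'seen' guards against CNAME loops
        seen.add(name)
        rrset = [r for r in records if r[0] == name]
        if not rrset:
            break
        ttls.extend(r[1] for r in rrset)
        cname = next((r[3] for r in rrset if r[2] == "CNAME"), None)
        if cname is None:
            break
        name = cname.lower()
    if max_cache_ttl is not None and ttls:
        ttls.append(max_cache_ttl)
    return min(ttls) if ttls else None
```

Against a live resolver, the same functions can be fed the text printed by `dig`; running the query twice shows the TTL column counting down when the answer comes from cache.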