[Dnsmasq-discuss] test33: excessive queries for the same address

Carlos Carvalho carlos at fisica.ufpr.br
Thu Jan 31 15:11:50 GMT 2008

Simon Kelley (simon at thekelleys.org.uk) wrote on 31 January 2008 07:39:
 >Carlos Carvalho wrote:
 >> I've noticed that dsnmasq doesn't seem to cache negative responses
 >> long enough:
 >Please could you try the same query by hand, using dig
 >dig vger.kernel.org.bl.open-whois.org
 >There should be an SOA record in the AUTHORITY section of the answer, 
 >like this:
 >; <<>> DiG 9.3.4 <<>> vger.kernel.org.bl.open-whois.org
 >;; global options:  printcmd
 >;; Got answer:
 >;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2313
 >;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 >;vger.kernel.org.bl.open-whois.org. IN  A
 >bl.open-whois.org.      900     IN      SOA     a.ns.open-whois.org. 
 >hostmaster.open-whois.org. 1201763520 900 450 604800 900
 >;; Query time: 163 msec
 >;; SERVER:
 >;; WHEN: Thu Jan 31 07:28:17 2008
 >;; MSG SIZE  rcvd: 103
 >That record is needed to do negative caching (it provides the time for 
 >which the cache entry is valid) and without it no caching will take 
 >place. ISPs sometimes configure their customer-facing nameservers not to 
 >return authority records, to save in system load. (My ISP used to, but 
 >seems to have put them back, now.)

Oh well... The server here is dnscache, and it does seem to not send
the authority section, it just sends the minimum answer to the query.

Would it be possible to put an option to define a cache time when
there's no SOA record? It'd apply to negative answers as well.

More information about the Dnsmasq-discuss mailing list