[Dnsmasq-discuss] Flags on cache dump

Simon Kelley simon at thekelleys.org.uk
Wed Aug 25 14:24:04 UTC 2021

On 25/08/2021 10:02, David Moyes wrote:
> Is there any documentation, besides the code, that explains the flags on
> a USR1 cache dump?
> I couldn't find this info on the man page or website so I looked in the
> code and arrived at this conclusion: there are 9 fields displayed as a
> value or a blank in string like "tFRIDNXHV" where these mean:
> * type = 4=IPv4 | 6=IPv6 | C=CNAME | V=SRV | S=DS | K=DNSKEY
> * F=forward
> * R=reverse
> * I=immortal
> * D=dhcp
> * N=negative
> * X=nxdomain
> * H=hosts
> * V=dnssec ok
> Is there any further explanation of what these actually mean? Most are
> obvious I guess but some (esp immortal and negative) less so.

The above is probably the most comprehensive explanation anywhere, sorry.

Immortal - never expires - this is used for stuff like names from
/etc/hosts which should never be evicted from the cache.

negative, nxdomain - an entry with negative set says we know that know
that there is no record for that domain and that record type (ie A or
AAAA). When both N and X are set, we known there's no records at all for
the domain.

Another gotcha - the DNSSECOK flag in negative DS records a has
different meaning. Only validated DS records are every stored, and the V
bit is used to store information about the presence of an NS record for
the domain, (ie if there's a zone cut at that point.)



> Thanks,
> David.
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

More information about the Dnsmasq-discuss mailing list