[Dnsmasq-discuss] min-cache-ttl overriding neg-ttl
Glenn Fowler
gfowler1 at outlook.com
Mon Sep 26 15:34:55 UTC 2022
Hi,
Thank you for the information and clarification.
Although I would still like to have a separate ttl for negative caching
regardless of what is set for min-cache-ttl, maybe a note on the man page
to note this behavior for the community.
Thanks!
On Wed, Sep 21, 2022 at 7:45 AM Simon Kelley <simon at thekelleys.org.uk>
wrote:
>
>
> On 20/09/2022 23:54, Glenn Fowler wrote:
> > Hi,
> >
> > I am caching positive responses for 40 minutes (min-cache-ttl), but want
> > negative responses cached for only 1 minute. If the forward zone server
> > is down momentarily, all of the queries during that time could result in
> > an erroneous negative response that gets cached for 40 minutes and
> > unreachable during that time instead of the desired 1 minute.
>
> This is not the case: you need to distinguish between a reply which
> says "this domain/RR does not exist" and no response or an error from
> the server. The latter is never cached. If the forward zone server is
> down it can't answer and so can't put anything in the cache.
>
> >
> > With neg-ttl working as expected, a retry after the 1 minute mark would
> > result in a positive response.
>
> See above, in this case there will be error responses until the upstream
> server recovers.
>
> >
> > In general, negative responses shouldn't have a high TTL.
>
> neg-ttl is only a fall-back should a negative response not contain TTL
> information, so making it override min-cache-ttl won't affect the normal
> case where negative replies have an SOA record which specifies the TTL.
>
> There might be an argument for not making min-cache-ttl apply to
> negative caching, but I'm not sure that makes sense. min-cache-ttl is a
> dangerous option which comes with caveats anyway, if it breaks stuff,
> just switch it off.
>
> Simon.
>
> >
> > On Tue, Sep 20, 2022 at 4:59 PM Geert Stappers via Dnsmasq-discuss
> > <dnsmasq-discuss at lists.thekelleys.org.uk> wrote:
> >
> > On Tue, Sep 20, 2022 at 10:41:29AM -0400, Glenn Fowler wrote:
> > > Hello,
> > >
> > > I have observed that if min-cache-ttl time is greater than neg-ttl time,
> > > then the neg-ttl time is ignored and negative responses are cached at the
> > > min-cache-ttl time.
> > >
> > > The expected behavior should be that neg-ttl is independent of
> > > min-cache-ttl.
> >
> > What are the negative effects of it? (a.k.a. With which priority needs
> > it further attention?)
> >
> >
> > > In searching I did find that unbound had the exact same issue:
> > > https://github.com/NLnetLabs/unbound/issues/533
> > >
> > > I am on v2.86 on OpenWrt
> > >
> > > Thank you
> >
> > Thanks for what?
> >
> >
> > Groeten
> > Geert Stappers
> > --
> > Silence is hard to parse
> >
> > _______________________________________________
> > Dnsmasq-discuss mailing list
> > Dnsmasq-discuss at lists.thekelleys.org.uk
> > https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
> >
> >
>
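
The caching rules discussed in this thread, written out as a small model. This is an added example, not dnsmasq source code and not part of the original messages; the names Reply and cache_ttl are hypothetical, and the 300-second SOA TTL is a constructed sample value.

```python
# Model of the behaviour described in the thread (assumption: a simplification,
# not how dnsmasq is actually implemented).
from dataclasses import dataclass
from typing import Optional


@dataclass
class Reply:
    kind: str                   # "answer", "negative", "error" or "timeout"
    ttl: Optional[int] = None   # record TTL, or TTL from the SOA of a negative reply


def cache_ttl(reply: Reply, min_cache_ttl: int, neg_ttl: int) -> Optional[int]:
    """Return how long (seconds) a reply stays cached, or None if never cached."""
    if reply.kind in ("error", "timeout"):
        # No response or an error from the upstream server is never cached.
        return None
    if reply.kind == "negative" and reply.ttl is None:
        # neg-ttl is only a fall-back for negative replies without TTL info.
        ttl = neg_ttl
    else:
        ttl = reply.ttl
    # min-cache-ttl is a floor on every cached entry, negative ones included.
    return max(ttl, min_cache_ttl)


def scenario(min_cache_ttl: int, neg_ttl: int) -> dict:
    """Run constructed sample replies through the model."""
    samples = {
        "nxdomain_no_soa": Reply("negative"),
        "nxdomain_with_soa": Reply("negative", ttl=300),  # constructed SOA TTL
        "upstream_down": Reply("timeout"),
        "servfail": Reply("error"),
    }
    return {name: cache_ttl(r, min_cache_ttl, neg_ttl) for name, r in samples.items()}


if __name__ == "__main__":
    # Settings from the thread: 40 minutes min-cache-ttl, 1 minute neg-ttl.
    print("min-cache-ttl=2400 neg-ttl=60:", scenario(2400, 60))
    # Same neg-ttl with min-cache-ttl switched off.
    print("min-cache-ttl=0    neg-ttl=60:", scenario(0, 60))
```

With min-cache-ttl off, the reply that carries an SOA keeps its own TTL rather than neg-ttl, which is the normal case Simon describes.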