Maintained by: NLnet Labs

[Unbound-users] Antwort: Re: cachcing only server for all types of records

Sven Ulland
Thu Jul 2 10:26:16 CEST 2015


On 07/01/2015 07:39 PM, Christoph Kaminski wrote:
> ok thx for your answer... I have one question more. Sometimes I need
> to restart unbound in order that it can resolve a new added DNS
> record. I think the default cache times are to long for us. It is
> possible to make them shorter? The best would be if it only uses the
> cache if it cant reach any forwarder. Possible?

Are you referring to the situation that happens when you query for
a non-existing name, and Unbound caches the authoritative NXDOMAIN
reply from the zone servers – and then you add the name to the zone,
but Unbound has cached the NXDOMAIN and still returns that as a reply?

If no: Please explain the situation.

If yes: Are you the zone admin? Unbound is correctly caching the
authoritative response from the zone servers. This is called negative
caching and has its own RFC https://tools.ietf.org/html/rfc2308 due to
all the subtleties involved.

In short, you may have success with tuning the zone's SOA minimum
field, ref https://tools.ietf.org/html/rfc2308#section-5

sven