Maintained by: NLnet Labs

NXDOMAIN cache

Alexandre J. Correa (Onda)
Sun Oct 25 06:55:46 CET 2015


Hello,

My first e-mail comes with some questions.. :)

1- Unbound can cache NXDOMAIN responses ?
2- Unbound can change/force the TTL of NXDOMAIN as i define ??


the purpose of force/change TTL of NXDOMAIN is for a project to fight 
SPAM ak. SPFBL[1].
Because of the project´s success here (Brazil), i need to increase the 
cache of NXDOMAIN on mirror servers to lower cpu usage...


afaik, TTL of NXDOMAIN came from SOA records, but in my tests, unbound 
cache responses for only 4 seconds ..

if i flood with 20 queries like:

# dig @localhost 1.0.0.127.dnsbl.spfbl.net

the first query goes to 'central' server -- OK, expected (cache is empty)
the others 19 queries came from cache -- OK, expected

waiting 10 seconds, and flood again..

the first query goes to 'central' server -- NOT OK, expected come from 
local cache ...


How i can force the TTL of NXDOMAIN using unbound ??


References:

[1]: http://spfbl.net


-- 
Regards.

Alexandre Jeronimo Correa
CEO

Office: +55 34 3351 3077

Onda Internet
www.onda.net.br