A. Schulze
2015-03-10 07:04:31 UTC
Hello,
we run in an issue with cached negative answers and need clarification.
at t=0 a client ask unbound for test.example.org.
unbound does not know anything about the domain and ask the nameserver
ns1.example.org.
the answer is NXDOMAIN.
at t=1, some seconds later, the nameserver is reconfigured and now
test.example.org exist.
at t=3 the same or an other client ask unbound again for test.example.org.
the answer is still NXDOMAIN. t=3 is more then 14 hours later.
How long I have to wait until unbound forget the NXDOMAIN
and fetch new data from authoritative server? Could that be controlled
somehow?
The SOA-Reord for example.org looks like this:
example.org. 12967 IN SOA example.org. hostmaster.example.org.
1501261358 43200 7200 2419200 86400
There was a similar question a year ago about min and max negative ttl
without results.
http://unbound.net/pipermail/unbound-users/2014-February/003194.html
Andreas
we run in an issue with cached negative answers and need clarification.
at t=0 a client ask unbound for test.example.org.
unbound does not know anything about the domain and ask the nameserver
ns1.example.org.
the answer is NXDOMAIN.
at t=1, some seconds later, the nameserver is reconfigured and now
test.example.org exist.
at t=3 the same or an other client ask unbound again for test.example.org.
the answer is still NXDOMAIN. t=3 is more then 14 hours later.
How long I have to wait until unbound forget the NXDOMAIN
and fetch new data from authoritative server? Could that be controlled
somehow?
The SOA-Reord for example.org looks like this:
example.org. 12967 IN SOA example.org. hostmaster.example.org.
1501261358 43200 7200 2419200 86400
There was a similar question a year ago about min and max negative ttl
without results.
http://unbound.net/pipermail/unbound-users/2014-February/003194.html
Andreas