Does anyone use nscd?

perryh at perryh at
Tue Oct 11 04:51:09 UTC 2011

Doug Barton <dougb at> wrote:

> On 10/10/2011 11:55, David Brodbeck wrote:
> > Is there any reason to cache negative hits?
> It's very important for DNS since there are a fairly large number
> of misbehaving applications that don't stop querying until they
> get some kind of answer.

Would this need be sufficiently covered if negative cache timeout
were set to, say, 1/4 of a second?  That should be short enough
to cover virtually any instance in which a missing entry is added
manually and the new entry then needs to be found.

> And speaking of DNS, while I think that improving nscd is a good
> goal I wonder how much use it will be in the world to come when
> DNSSEC becomes more important ...

Is there something about DNSSEC that makes it fundamentally
incompatible with a local cache such as nscd, or is it simply
a matter of nscd needing a bit of work to support DNSSEC?

More information about the freebsd-hackers mailing list