Does anyone use nscd?
perryh at pluto.rain.com
perryh at pluto.rain.com
Tue Oct 11 04:51:09 UTC 2011
Doug Barton <dougb at freebsd.org> wrote:
> On 10/10/2011 11:55, David Brodbeck wrote:
> > Is there any reason to cache negative hits?
>
> It's very important for DNS since there are a fairly large number
> of misbehaving applications that don't stop querying until they
> get some kind of answer.
Would this need be sufficiently covered if negative cache timeout
were set to, say, 1/4 of a second? That should be short enough
to cover virtually any instance in which a missing entry is added
manually and the new entry then needs to be found.
> And speaking of DNS, while I think that improving nscd is a good
> goal I wonder how much use it will be in the world to come when
> DNSSEC becomes more important ...
Is there something about DNSSEC that makes it fundamentally
incompatible with a local cache such as nscd, or is it simply
a matter of nscd needing a bit of work to support DNSSEC?
More information about the freebsd-hackers
mailing list