default local DNS caching name server

William Brown william at firstyear.id.au
Sat Apr 12 11:25:18 UTC 2014


> 
> > Consider, I get home, and open my laptop. Cache is cleared,
> > and I'm now populating that cache with the contents from the ISP.
> 
>   No, why contents from ISP? Local resolver will populate cache from root servers, no?

This isn't how DNS works ... You populate your cache from the ISP, who
queries above them and so on up to the root server.

http://technet.microsoft.com/en-us/library/cc961401.aspx

> 
> > But if you weren't to clear the cache, I could be at home caching bad records,
> > then when I go to work they persist.
> 
>   This is a glitch that when you are at home the cache still has office domain addresses cached, to which you can not connect, because you aren't connected to the office network. Do I understand it right? IMO, that's not bad cache.
> 

I should clarify. I cache the record foo.work.com from the office, and
it resolves differently externally. When I go home, it no longer
resolves to the external IP as I'm using the internally acquired record
from cache. 

> > You cannot have both. I would rather that cache is flushed on interface change
> > as it prevents so many more issues than making that cache last across potential
> > network boundaries.
> 
>   Sure, no contention there. IMO, that could be a feature for NM, to clear local cache on interface change. Because NM is suitably placed to do that.
> 

Agreed.

> > At the end of the day, I cannot stress enough, if you have an ISP with bad DNS
> > caching or that is unreliable, you need to fault your ISP,
> 
>   IMO, local resolver can help here.
> 
> ---

> > On Sat, 2014-04-12 at 16:15 +0800, P J P wrote:
> > > On Saturday, 12 April 2014 12:41 PM, William Brown wrote:
> > > PS: The unreliable ISP I perceive as:
> > > 1) They often return no query within an acceptable time period
> > > 2) They return invalid or incorrect zone data
> > > 3) They mess with TTLs or other zone data
> > 
> >   Right.


Referencing these together.

A local cache will help you with 1 "sometimes" provided you get the
first record back once. 

It won't prevent the second or third as you will just cache the
incorrect data instead (Provided you clear cache on network change, this
isn't a problem ... it just means you hold onto bad data for that
session for longer, which creates other issues.)




I personally am actually against DNS cache on systems as it tends to
create more problems than it solves. 


-- 
William Brown <william at firstyear.id.au>
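
The split-horizon case described in this message (foo.work.com cached at the office, then reused at home), as an added example that is not part of the original e-mail: a simulated local cache in Python, with and without a flush on interface change. The addresses, TTLs, and the class and function names are constructed for illustration.

```python
# Simulated local DNS cache; all addresses, TTLs and names other than
# foo.work.com are constructed for illustration.

class Network:
    """What the upstream resolver on one network answers: name -> (address, ttl)."""
    def __init__(self, label, zone):
        self.label, self.zone = label, zone

class LocalCache:
    def __init__(self, flush_on_change):
        self.flush_on_change = flush_on_change
        self.entries = {}      # qname -> (address, expiry time)
        self.network = None
        self.now = 0           # simulated clock, in seconds

    def attach(self, network):
        """Interface change: optionally drop everything learned elsewhere."""
        if self.flush_on_change:
            self.entries.clear()
        self.network = network

    def resolve(self, qname):
        hit = self.entries.get(qname)
        if hit and hit[1] > self.now:
            return hit[0]                        # served from cache
        address, ttl = self.network.zone[qname]  # ask the current upstream
        self.entries[qname] = (address, self.now + ttl)
        return address

OFFICE = Network("office", {"foo.work.com": ("10.0.0.5", 3600)})   # internal view
HOME = Network("home", {"foo.work.com": ("203.0.113.5", 3600)})    # external view

def commute(flush_on_change, travel_seconds=1800):
    """Resolve at the office, move to the home network, resolve again."""
    cache = LocalCache(flush_on_change)
    cache.attach(OFFICE)
    at_office = cache.resolve("foo.work.com")
    cache.now += travel_seconds
    cache.attach(HOME)
    at_home = cache.resolve("foo.work.com")
    return at_office, at_home

if __name__ == "__main__":
    print("no flush:             ", commute(False))
    print("flush on change:      ", commute(True))
    print("no flush, TTL expired:", commute(False, travel_seconds=7200))
```

Without the flush, the internal answer survives the network change until its TTL runs out; with the flush, the first lookup at home goes to the home upstream.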