default local DNS caching name server

Simo Sorce simo at
Sun Apr 13 06:53:30 UTC 2014

On Sun, 2014-04-13 at 16:10 +0930, William Brown wrote:

> A system wide resolver I am not opposed to. I am against a system wide
> *caching* resolver. 

> In this case, a cache *is* helpful, as is DNSSEC. But for the other 6, a
> cache is a severe detriment. 

About the above 2, can you explain *why*?
A bunch of people here feel that it would be a great improvement, you
keep saying it is doomsday, yet I haven't seen a concise explanation of
why that would be (maybe I overlooked it, apologies if so).

> I disable the DNS cache in firefox with developer tools. 

So you will be able to do the same by setting 1 configuration option in
unbound, or you could disable the resolver entirely.

Can you tell why *everybody* should have the cache disabled by default?

> Additionally, a short TTL is good, for this situation, but it can't fix
> everything. 

Paul mentioned the single configuration option needed to make your
resolver tweak the TTL locally; what else do you need? And again, why
should your preference be the default? What compelling arguments can
you make?


Simo Sorce * Red Hat, Inc * New York
