F23 System Wide Change: Default Local DNS Resolver

Petr Spacek pspacek at redhat.com
Wed Jun 3 12:02:19 UTC 2015


On 3.6.2015 13:45, Reindl Harald wrote:
> 
> Am 03.06.2015 um 13:39 schrieb Petr Spacek:
>> On 3.6.2015 10:58, Reindl Harald wrote:
>>>
>>> Am 03.06.2015 um 09:14 schrieb Petr Spacek:
>>>>> so with setup a dns cache on each and every machine you fuckup your network
>>>>> because you introduce the same negative TTL caching affecting OSX clients
>>>>> for
>>>>> years now
>>>>
>>>> Please let me clarify a few things:
>>>>
>>>> 1) Negative caching is controlled by zone owner. If you are not happy that
>>>> OSX/Windows clients cache negative answers for zones your company uses - no
>>>> problem, set SOA minimum field to 1 second and be done with that.
>>>
>>> bad idea when you maintain public nameservers for some hundred domains just
>>
>> I agree that it is a very bad idea to ignore DNS caching. It was built-in on
>> purpose.
>>
>>> because broken client software
>>
>> I'm sorry for disappointing you.
>>
>> The behavior I describe is standard for last ~ 20 years 1987 (RFCs
>> 1034/1035/2308). If you don't agree with standard then you cannot use DNS
>> technology as standardized. Here I'm not sure if other Fedora users would also
>> welcome non-standard behavior.
>>
>> If you feel that the standard is broken then *please* continue with discussion
>> on IETF's dnsop mailing list:
>> https://www.ietf.org/mailman/listinfo/dnsop
> 
> come on stop trolling that way because you know exactly what i am talking
> about by "broken client software" - the point is that with caching on each and
> every device you lose the opportunity to clear central caches for whatever reason
> and make the changes visible on all clients in realtime

You will lose the ability because *you configured the zone with
inappropriately long TTL*.

As usual, it is a trade-off: (performance & resiliency) vs. flexibility.

It is up to you as an administrator to decide on which side you want to be.

Also, feel free to contribute a protocol proposal for DNS cache flushing.
The dnsop working group has already seen a few ideas like that and the group is
quite open, contributions are welcome!

-- 
Petr Spacek  @  Red Hat
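
Added example, not part of the original message: how a caching resolver derives the negative-cache lifetime discussed above from the SOA in an NXDOMAIN reply (RFC 2308: the lower of the SOA record's own TTL and its MINIMUM field). The function names, the example.com zone and the reply bytes are constructed for illustration.

```python
import struct

def encode_name(name):
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def read_name(msg, off):
    """Return (name, offset after it), following compression pointers."""
    labels, end = [], None
    for _ in range(256):                       # bound work: stops pointer loops
        length = msg[off]
        if (length & 0xC0) == 0xC0:            # 2-byte compression pointer
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
            continue
        off += 1
        if length == 0:
            return ".".join(labels) + ".", (off if end is None else end)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    raise ValueError("name too long or compression pointer loop")

def negative_ttl(msg):
    """Return (zone, seconds) a resolver may cache this negative answer."""
    _id, _flags, qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):                        # skip question: name + QTYPE/QCLASS
        off = read_name(msg, off)[1] + 4
    for _ in range(an + ns):
        owner, off = read_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 6:                         # SOA
            p = read_name(msg, read_name(msg, off)[1])[1]   # skip MNAME, RNAME
            minimum = struct.unpack("!5I", msg[p:p + 20])[4]
            return owner, min(ttl, minimum)    # RFC 2308 negative TTL
        off += rdlen
    return None                                # no SOA: no negative TTL given

def build_nxdomain(label, zone, soa_ttl, minimum):
    """Constructed NXDOMAIN reply for label.zone (sample data, not a capture)."""
    head = struct.pack("!6H", 0x1234, 0x8583, 1, 0, 1, 0)
    question = encode_name(label + "." + zone) + struct.pack("!HH", 1, 1)
    rdata = (encode_name("ns1." + zone) + encode_name("hostmaster." + zone)
             + struct.pack("!5I", 2015060301, 7200, 900, 1209600, minimum))
    owner = struct.pack("!H", 0xC000 | (12 + 1 + len(label)))  # pointer to zone
    return head + question + owner + struct.pack("!HHIH", 6, 1, soa_ttl, len(rdata)) + rdata

print(negative_ttl(build_nxdomain("missing", "example.com", 3600, 1)))
```

With MINIMUM set to 1 the negative answer is cached for one second even though the SOA record itself carries a TTL of 3600.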

