nscd and DNS cache
JD
jd1008 at gmail.com
Wed May 16 09:32:38 UTC 2012
On 05/16/2012 03:18 AM, Daniel Bossert wrote:
> fedora skrev 16.05.12 10:33:
>> ... or try dnsmasq
>>
>> suomi
>>
>> On 05/16/2012 08:54 AM, JD wrote:
>>> On Tue, May 15, 2012 at 9:20 PM, Ed Greshko<Ed.Greshko at greshko.com>
>>> wrote:
>>>> On 05/16/2012 10:11 AM, JD wrote:
>>>>> I have nscd running.
>>>>> /etc/resolv.conf starts out with
>>>>> nameserver 127.0.0.1
>>>>> nameserver 192.168.1.254
>>>>>
>>>>>
>>>>> The 192.168.1.254 is the router, which has been a fast and reliable
>>>>> resolver.
>>>>>
>>>>> So, to test nscd caching behavior,
>>>>> I browse (using FF) over to any website.
>>>>> After some time, the address is resolved and the page comes up.
>>>>> I kill the tab of the page, and open a new tab and aim the browser
>>>>> at same url. Browser again says: looking up whatever....com and takes
>>>>> several seconds to resolve it.
>>>>>
>>>>> I thought that nscd is supposed to cache the translation from the
>>>>> first lookup.
>>>>>
>>>>> Am I to believe that the browser is NOT using /etc/resolv.conf?
>>>>> If not, what is it using?
>>>>> Or could it be that nscd is useless in this respect?
>>>>>
>>>> I've not looked at nscd in a long time....but I never could see the
>>>> value in it and
>>>> never could get it to what I thought was a working or useful
>>>> configuration for my needs.
>>>>
>>>> No browser or application uses resolv.conf directly. They make
>>>> calls to the resolver
>>>> libraries which in turn use it.
>>>>
>>>> IMO, if your router does caching name services there really is no
>>>> benefit to having
>>>> systems do their own caching since the overhead of local requests
>>>> should be small.
>>>> However, it seems that your router may not be caching since it is
>>>> taking several seconds.
>>>>
>>>> In cases where the router isn't doing caching, or is doing it
>>>> poorly, I prefer to
>>>> simply run bind on a single server and point all the systems to it
>>>> for resolution.
>>>>
>>>> With the current Fedora systems this is easy. All one need to do is
>>>> install bind and
>>>> bind-chroot and enable/start the service. On the "bind" host all
>>>> you need is
>>>> 127.0.0.1 defined as a nameserver. Then, if you use a tool such as
>>>> "wireshark" you
>>>> will see that requests will only go out if the answer is not in the
>>>> cache or the TTL
>>>> has expired.
>>>>
>>> I understand the libs are what make calls to the resolver. But even
>>> the resolver must look
>>> at /etc/resolv.conf. If it is empty, NOTHING gets resolved.
>>> I was using nscd thinking it is a lightweight caching resolver. But as
>>> it turns out it is useless.
>>> Time for fedora to bury it :)
>>> Re: My router: it does very little if any caching - and has no
>>> configuration for it at all.
>>>
>>> I will try bind.
>>>
>>> Thanx Ed.
>>>
>>> JD
> HI
> Why do you have 127.0.0.1 in /etc/resolv.conf? Could it be that your
> computer ask himself to resolv this ip and as he can't do that then he
> get to your router and ask?
> Do you have the same behaviour when only your router's ip adress is in
> /etc/resolv.conf?
>
> kind regards
> Daniel
Well, if I recall correctly, using a caching dns daemon requires that
the first entry in /etc/resolv.conf be 127.0.0.1 followed by external
nameservers' ip addresses.
And yes, re: same behavior when only router's ip address is in resolv.conf.
As I indicated, the router does not seem to be caching anything, and I
believe
for good reason: reduce production cost - saving a few pennies per unit
can amount to millions of dollars. I have worked at industries that did
similar cost saving (or profit creating) design decisions. Just my
$.02's worth.
More information about the users
mailing list