nscd and DNS cache

JD jd1008 at gmail.com
Fri May 18 07:47:29 UTC 2012


On 05/18/2012 12:37 AM, Ed Greshko wrote:
> On 05/18/2012 03:22 PM, JD wrote:
>> So, what's to prevent someone from simply modifying dnsmasq
>> (or any other open source caching name resolver) to change
>> the expiration time to a value greater than what the owner
>> of the domain wants? Sure it may result in using stale
>> ip addresses once in a while. I think that's more tolerable than
>> having to wait anywhere from 10 to 30 seconds to resolve every
>> new name browsed to; (new relative to contents of the cache).
> Nothing "stops" anyone from doing that....except they'd be mucking with the DNS
> system in ways unintended/unexpected.  I personally wouldn't use that software.
>
> If you need to wait that long for address resolution then you've either got a *very*
> slow network, your link is saturated, or the DNS server you're contacting is a poor
> performer.
>
> I had an ISP here in Taiwan that required you to use their DNS servers.  They blocked
> port 53 outbound from their network.  Their DNS servers would get overloaded from
> time to time...but even then I rarely waited for more than a second or two.
>
> Some people prefer to set their resolv.conf to point to 8.8.8.8 and 8.8.4.4 which are
> 2 of Google's public nameservers that are very fast.
>
I am indeed pointing my resolv.conf to the 2 Google
nameservers.
You're probably right about our home network.
I think the router has a very low bandwidth (hardware-wise),
probably because it doubles up as the decoder for the TV
contents being viewed on 2 to 3 different TVs in the house.
TV signals come directly to the router on the coax, and then
are sent back on the coax to the 3 TV sets.
We're stuck with what we have.

