On Wed, 27 Oct 2004 18:07, Donovan Baarda <[EMAIL PROTECTED]> wrote: > Sorry to subvert a thread like this, but has anyone else decided that > nscd is pretty much essential for all systems, regardless of nss, or > local nameservers?
No. > It seems without it there is _no_ dns caching of any kind (except for Run named on localhost. > apps like squid that explicitly have it). If you ping, every single ping > packet triggers an nslookup. Which ping program have you seen doing this? The ping program in iputils-ping only does a DNS lookup before sending the first packet and I expect that all other ping programs do the same. Run tcpdump while running ping and check what your ping program does. > Even if you have a local caching name > server, the UDP traffic on the loopback interface hurts. How does UDP traffic on the loopback hurt more than Unix domain socket access? > Is there any reason why nscd should not be installed on a system? It wastes RAM on small machines. Caches get stale some times. It's one more thing that can go wrong or have a security issue. Most people don't need it. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]