I would like to clarify how *hold valid* is used by resolvers. I have this configuration:
resolvers mydns nameserver dns1 192.168.122.202:53 accepted_payload_size 8192 timeout resolve 5s timeout retry 2s resolve_retries 3 hold other 30s hold refused 120s hold nx 30s hold timeout 10s hold valid 1h hold obsolete 0s The *valid* setting is a bit confusing. I can not find good explanation of it in the documentation. From what I see in the code of version 2.0.25, it is used only when doing DNS queries in tcp/http path: http-request do-resolve(txn.myip,mydns,ipv4) str(services.example.com) only when requests arrive in parallel, I see less queries to DNS servers than http requests. When requests are done in sequence, I see the same count of DNS requests as http requests. For example when I send 3000 requests to HAProxy with 3 clients in parallel, there are about 2600 requests to DNS servers. So it doesn't look like a proper cache to me. Whole HAProxy becomes unusable 10 seconds (hold timeout) after DNS servers stop responding because every server which is using DNS SRV record is put to maintenance state due to resolution error. Is this proper assessment of current state and is this what was intended ? Regards, Michal