On Mon, 13 Aug 2007, Rodney Joffe wrote:
>
>
> On Aug 13, 2007, at 2:25 AM, Florian Weimer wrote:
>
> >
> > * Rodney Joffe:
> >
> >> Do you have any real examples of significant recursive servers doing
> >> this?
> >
> > nscd in GNU libc has issues related to cache expiry. I'm not sure if
> > it is general brokenness, or some TTL-related issue. It's use is not
> > terribly widespread, and it's a host-specific cache only, but there's
> > a certain installation base.
>
> Thanks Florian. So this looks like a code "feature", not stupid
> behavior by deployers. I'll keep a note when we fingerprint
> misbehaving systems in the future.
nscd does this on many platforms (solaris for instance) there's a config
bit in nscd.conf:
positive-time-to-live hosts 3600
that sets a lower-bar on TTL in the nscd cache -
(from the manpage for nscd.con)
positive-time-to-live cachename value
Sets the time-to-live for positive entries (successful
queries) in the specified cache. value is in integer
seconds. Larger values increase cache hit rates and
reduce mean response times, but increase problems with
cache coherence. Note that sites that push (update)
NIS maps nightly can set the value to be the
equivalent of 12 hours or more with very good perfor-
mance implications.
This is still a client issue as, hopefully, the cache-resolvers don't
funnel their business through nscd save when applications on them need
lookups... (things like ping/telnet/traceroute/blah)
-Chris