On 05/04/2015 05:38 PM, Stanislav Baiduzhyi wrote: > We are facing an issue with DNS server caching on RHEL-based distros: after > the update of resolv.conf java application cannot resolve the hosts any more. > > Reproducer is very simple: > 1. Clean /etc/resolv.conf or connect to vpn and use vpn-only nameserver. > 2. Launch the minimal java app [1]. > 3. Restore the /etc/resolv.conf or disconnect from vpn (/etc/resolv.conf > should be updated with accessible nameserver at this moment). > 4. Notice that name resolution continues to fail.
This is a glibc bug: <https://sourceware.org/bugzilla/show_bug.cgi?id=984> (I don't agree with the decision not to fix this, but I hesitate to touch the glibc resolver code, particularly in this area.) nscd doesn't work reliable for this use case, a further fix is needed: <https://sourceware.org/bugzilla/show_bug.cgi?id=14906> (Also see rhbz#859965, currently not public.) Would using nscd work for you? -- Florian Weimer / Red Hat Product Security