Re: About the prefetch function within bind 9.10.
Yes, I want to let bind/named prefetch records that are being queried regularly. In this way, I'll have a set of up-to-date cached records that I've been queried. Can the prefetch function plus caching mode of bind/named do this for me? Regards 2014-05-18 15:49 GMT+08:00 Mark Andrews : > If there is a query in that 9 second window then named will make a query > to repopulate the cache. If there is not a query then the records will > expire. You only want to prefetch records that are being queried for > regularly. > > > > On 18/05/2014, at 17:18, Hongyi Zhao wrote: > > What do you mean by saying that "Prefetch does not cause named to ignore > TTLs"? > > I think in my case, I have set the preftch option like this: > > -- > prefetch 2 9; > -- > > This will enable the prefetching for all of the entries with the TTL > larger that 2 seconds, (in my case, the TTL is 60 seconds, so the prefetch > will be enabled for this entry). The digit 9 triggering condition for > doing the prefetching. In my case, it should mean that when 51 seconds > elapsed for the entry, i.e., 9 = 60 - 51, the bind will prefetching the > record, and then the record will have a full TTL, i.e., 60 seconds for this > case again. > > Am I wrong about the meaning of the prefetching function of bind or not? > > Regards > Zhao > > > 2014-05-18 13:46 GMT+08:00 Leonard Mills : > >> Taking the CNAME line in the response, please notice that the published >> TTL is 60 seconds. Prefetch does not cause named to ignore TTLs. >> >> hth, >> Len >> > > > > -- > Hongyi Zhao > Xinjiang Technical Institute of Physics and Chemistry > Chinese Academy of Sciences > GnuPG DSA: 0xD108493 > > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: About the prefetch function within bind 9.10.
What do you mean by saying that "Prefetch does not cause named to ignore TTLs"? I think in my case, I have set the preftch option like this: -- prefetch 2 9; -- This will enable the prefetching for all of the entries with the TTL larger that 2 seconds, (in my case, the TTL is 60 seconds, so the prefetch will be enabled for this entry). The digit 9 triggering condition for doing the prefetching. In my case, it should mean that when 51 seconds elapsed for the entry, i.e., 9 = 60 - 51, the bind will prefetching the record, and then the record will have a full TTL, i.e., 60 seconds for this case again. Am I wrong about the meaning of the prefetching function of bind or not? Regards Zhao 2014-05-18 13:46 GMT+08:00 Leonard Mills : > Taking the CNAME line in the response, please notice that the published > TTL is 60 seconds. Prefetch does not cause named to ignore TTLs. > > hth, > Len > -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
About the prefetch function within bind 9.10.
Dear all, I compilled and installed the BIND 9.10.0-P1 on my Debian Wheezy box. See following for detail: -- werner@debian:~$ sudo named -V BIND 9.10.0-P1 built by make with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' compiled by GCC 4.7.2 using OpenSSL version: OpenSSL 1.0.1e 11 Feb 2013 -- Now, I setting the prefetch in the named.conf.options by adding the follow line into it: --- prefetch 2 9; Then restart the named and test it by using the following command: - werner@debian:~$ dig ssh.sshcenter.info ; <<>> DiG 9.10.0-P1 <<>> ssh.sshcenter.info ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54538 ;; flags: qr rd ra; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;ssh.sshcenter.info.INA ;; ANSWER SECTION: ssh.sshcenter.info.60INCNAMEc-ssh.cloudkvm.net. c-ssh.cloudkvm.net.60INA23.94.104.29 c-ssh.cloudkvm.net.60INA199.119.224.224 c-ssh.cloudkvm.net.60INA23.226.226.124 c-ssh.cloudkvm.net.60INA204.44.87.100 c-ssh.cloudkvm.net.60INA192.3.23.197 c-ssh.cloudkvm.net.60INA173.254.237.179 c-ssh.cloudkvm.net.60INA96.44.134.231 c-ssh.cloudkvm.net.60INA23.90.4.124 c-ssh.cloudkvm.net.60INA23.92.50.22 c-ssh.cloudkvm.net.60INA107.150.4.170 c-ssh.cloudkvm.net.60INA199.233.236.200 c-ssh.cloudkvm.net.60INA69.197.147.93 c-ssh.cloudkvm.net.60INA162.211.227.83 c-ssh.cloudkvm.net.60INA192.227.161.20 ;; Query time: 1034 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun May 18 13:13:03 CST 2014 ;; MSG SIZE rcvd: 303 --- As you can see, it takes 1034 msec for the first query. According to my understanding of the prefetch option, if I enabled it, then after the first query of a site, then it will always updated automatically into the cache of bind. So I will always obtain a 0 msec query time for that site after the first query. But for my above case, after 60 seconds, if I do the same query, I will get the following results: - werner@debian:~$ dig ssh.sshcenter.info ; <<>> DiG 9.10.0-P1 <<>> ssh.sshcenter.info ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41322 ;; flags: qr rd ra; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;ssh.sshcenter.info.INA ;; ANSWER SECTION: ssh.sshcenter.info.60INCNAMEc-ssh.cloudkvm.net. c-ssh.cloudkvm.net.58INA23.90.4.124 c-ssh.cloudkvm.net.58INA192.3.23.197 c-ssh.cloudkvm.net.58INA192.227.161.20 c-ssh.cloudkvm.net.58INA23.226.226.124 c-ssh.cloudkvm.net.58INA23.92.50.22 c-ssh.cloudkvm.net.58INA199.119.224.224 c-ssh.cloudkvm.net.58INA23.94.104.29 c-ssh.cloudkvm.net.58INA199.233.236.200 c-ssh.cloudkvm.net.58INA96.44.134.231 c-ssh.cloudkvm.net.58INA162.211.227.83 c-ssh.cloudkvm.net.58INA107.150.4.170 c-ssh.cloudkvm.net.58INA173.254.237.179 c-ssh.cloudkvm.net.58INA204.44.87.100 c-ssh.cloudkvm.net.58INA69.197.147.93 ;; Query time: 2186 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun May 18 13:16:50 CST 2014 ;; MSG SIZE rcvd: 303 - As you can see, the query time is 2186 msec instead of 0 msec. Any hints on this issue? Regards -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
How can I increase the TTL for the cached entries in my local dns serveder?
Hi all, Currently, I use bind9 as the local dns cache server and a forwarder only server. I set the dnscrpyt-proxy running on local port 50 as the upstream dns server for my bind9 dns cache server. In addtition, I also want to have long TTL so that I can obtain a short inquiry respond time. For all of the above purposes, I use the following configure file: --- $ cat /etc/bind/named.conf.options options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; forward only; forwarders {127.0.0.1 port 50 ;} ; cleaning-interval 1440; max-cache-ttl 2419200; max-ncache-ttl 86400; max-cache-size unlimited; stacksize unlimited; datasize unlimited; coresize unlimited; // // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys // //dnssec-validation auto; auth-nxdomain no;# conform to RFC1035 listen-on-v6 { any; }; }; --- Then I restart my dns server with the followoing command to let the above config take in effect: sudo service bind9 restart But, I still have low TTL, because I've tried that the following command: werner@debian:~$ dig ssh.sshcenter.info ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> ssh.sshcenter.info ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 676 ;; flags: qr rd ra; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;ssh.sshcenter.info.INA ;; ANSWER SECTION: ssh.sshcenter.info.60INCNAMEc-ssh.cloudkvm.net. c-ssh.cloudkvm.net.60INA23.226.226.124 c-ssh.cloudkvm.net.60INA69.197.147.93 c-ssh.cloudkvm.net.60INA96.44.134.231 c-ssh.cloudkvm.net.60INA107.150.4.170 c-ssh.cloudkvm.net.60INA162.211.227.83 c-ssh.cloudkvm.net.60INA173.254.237.179 c-ssh.cloudkvm.net.60INA192.3.23.197 c-ssh.cloudkvm.net.60INA192.161.175.143 c-ssh.cloudkvm.net.60INA192.227.161.20 c-ssh.cloudkvm.net.60INA199.119.224.224 c-ssh.cloudkvm.net.60INA199.233.236.200 c-ssh.cloudkvm.net.60INA23.90.4.124 c-ssh.cloudkvm.net.60INA23.92.50.22 c-ssh.cloudkvm.net.60INA23.94.104.29 ;; Query time: 1208 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Mar 28 14:04:01 2014 ;; MSG SIZE rcvd: 292 Though in above query, the query time is 1208 msec, if I immediately do the second query, the query time will be dramtically shorttened. But after several minites, I will still obtain a long query time as the above one. The OS used by me is Debian GNU/Linux 7.4 (wheezy). Any hints on this issue? Regards -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
About the conflict between named and pdnsd.
Hi all, I use debian wheezy. In order to solve the dns pollution issue for my case. I install the pdnsd (see here for detail: http://members.home.nl/p.a.rombouts/pdnsd/)on my system. At the same time, I also have the bind9 installed by default. But the issue for my case is as follows: Bothe the named from bind9 and the pdnsd installed by myself will use the local 53 port. So the will be conflict and cann't start at the same time. How should I solve this issue? Regards -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Is it possible to set a ddns hostname to access a name-based virtual host?
Hi all, Suppose a file named file.pdf stored in the following web location: http://some_domain/path/to/file.pdf Where, the *some_domain* is a name-based virtual host. In this case, is it possible to set a ddns hostname, say through http://www.changeip.net/, without using *some_domain* itself, to access this file? -- .: Hongyi Zhao [ hongyi.zhao AT gmail.com ] Free as in Freedom :. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
comp.protocols.dns.bind
Hi all, Suppose a file named file.pdf stored in the following web location: http://some_domain/path/to/file.pdf Where, the *some_domain* is a name-based virtual host. In this case, is it possible to set a ddns hostname, say through http://www.changeip.net/, without using *some_domain* itself, to access this file? -- .: Hongyi Zhao [ hongyi.zhao AT gmail.com ] Free as in Freedom :. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re[2]: Is it possible to set a ddns hostname to access a name-based virtual host?
On Saturday, February 21, 2009 at 5:45, k...@chrysler.com wrote: > Hongyi Zhao wrote: >> Hi all, >> >> Suppose a file named file.pdf stored in the following web location: >> >> http://some_domain/path/to/file.pdf >> >> Where, the *some_domain* is a name-based virtual host. In this case, >> is it possible to set a ddns hostname, say through >> http://www.changeip.net/, without using *some_domain* itself, to >> access this file? >> >> > DNS can only control what IP address the client connects to. It doesn't > have any effect on the "Host:" header that is sent in the HTTP request, > and that's what a webserver uses to identify the target site, in a > named-based virtual hosting context. > I think you want to use a proxy with URL-rewriting capability. SQUID > seems to be capable of this. > Possibly some browser add-on might have a URL-rewriting capability too, > haven't looked into that. Thank you for your pertinent recommendations. Warmly regards, -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 2009-2-21 ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re[2]: [OT] Is it possible to set a ddns hostname to access a name-based virtual host?
On Saturday, February 21, 2009 at 0:31, mi...@acmeps.com wrote: > This is actually off topic for BIND-users... > hongyi.z...@gmail.com wrote: >> On Friday, February 20, 2009 at 19:51, serge.fonvi...@gmail.com wrote: >>> Hi, >> >>> Is it possible to set a ddns hostname, say through >>> http://www.changeip.net/ , without using *some_domain* itself, to >>> access this file? >> >>> Not entirely sure what you are actually trying to achieve. >>> Could you provide a concrete example of the situations you are trying to >>> achieve? >> >> Let me give an example to illustrate my problem: >> >> In the following url, the prola.aps.org is a name-based virtual host: >> >> http://prola.aps.org/pdf/PRB/v1/i1/p1_1 >> >> On the other hand, my institute has subscribed to prola and many other >> journals, so I want to use some self-made and easy-to-memory hostnames for >> each of them. For example, I want to use the following url to access >> the above one: >> >> http://myprola.myddns.org/pdf/PRB/v1/i1/p1_1 > I fail to see how the later is more "easy-to-memory" than the former, but... I just take one for example, in my case, I've dozens of such hostnames and, if can, I'll make all of them have the same latter part, i.e., .myddns.org, thus "easy-to-memory". >> >> Is this possible? >> > Generally, no. Virtual hosting involves setting, in almost all cases, a > unique document root for each virtual host. If you reference a file or > location via a URI that uses a different hostname, then it either > matches a different virtual host, or matches the default virtual host, > but in either case the document root is almost certainly different, and > thus the relative path (/pdf/PRB/v1/i1/P1_1 in your case) almost certain > does not translate to the correct absolute path to get the right file or > get you to the right generator, whatever the location references and/or > triggers to send back content. > You *must* reference the location using the same URI if you expect to > see the same expected results. Thanks for your detailed explanations. Another issue: what do you mean by saying URI? What's the differences between URI and URL? > Regards, > Mike > PS: There are other maintenance problems with your approach too, but What for example? > you avoid those by just not even trying to do what you asked. Regards, -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 2009-2-21 ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re[4]: Is it possible to set a ddns hostname to access a name-based virtual host?
On Friday, February 20, 2009 at 22:15, serge.fonvi...@gmail.com wrote: > Let me give an example to illustrate my problem: > In the following url, the prola.aps.org is a name-based virtual host: > http://prola.aps.org/pdf/PRB/v1/i1/p1_1 > On the other hand, my institute has subscribed to prola and many other > journals, so I want to use some self-made and easy-to-memory hostnames for > each of them. For example, I want to use the following url to access > the above one: > http://myprola.myddns.org/pdf/PRB/v1/i1/p1_1 > Is this possible? > You can specify a domainalias for every virtualhost in the apache > configuration (other http servers should support similar functionality) I cann't figure it out. I only have a web client such as ie or firefox to access the above url? Do you mean that I must setup a local webserver, say by using apache to do that thing? Regards, -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 2009-2-20 ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re[2]: Is it possible to set a ddns hostname to access a name-based virtual host?
On Friday, February 20, 2009 at 19:51, serge.fonvi...@gmail.com wrote: > Hi, > Is it possible to set a ddns hostname, say through > http://www.changeip.net/ , without using *some_domain* itself, to > access this file? > Not entirely sure what you are actually trying to achieve. > Could you provide a concrete example of the situations you are trying to > achieve? Let me give an example to illustrate my problem: In the following url, the prola.aps.org is a name-based virtual host: http://prola.aps.org/pdf/PRB/v1/i1/p1_1 On the other hand, my institute has subscribed to prola and many other journals, so I want to use some self-made and easy-to-memory hostnames for each of them. For example, I want to use the following url to access the above one: http://myprola.myddns.org/pdf/PRB/v1/i1/p1_1 Is this possible? Regards, -- Hongyi Zhao Xinjiang Technical Institute of Physics and Chemistry Chinese Academy of Sciences GnuPG DSA: 0xD108493 2009-2-20 ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Is it possible to set a ddns hostname to access a name-based virtual host?
Hi all, Suppose a file named file.pdf stored in the following web location: http://some_domain/path/to/file.pdf Where, the *some_domain* is a name-based virtual host. In this case, is it possible to set a ddns hostname, say through http://www.changeip.net/, without using *some_domain* itself, to access this file? -- .: Hongyi Zhao [ hongyi.zhao AT gmail.com ] Free as in Freedom :. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users