Re: allow-query-cache and resolution time
Thank you Maybe I didn't word my question correctly. allow-query-cache definitions states allow-query-cache specifies which hosts are allowed to get answers from the cache. Which cache is it refering to? Could the cache also contain records which a master server is authoritative for? With allow-query-cache set to none, does it mean a master dns host would forgo looking at its memory cache to serve records its authoritative for? Thank you. - Original Message - From: Matthew Pounsett m...@conundrum.com To: LENA MATUSOVSKAYA (BLOOMBERG/ 731 LEXIN) Cc: BIND-USERS@lists.isc.org At: 1/22 16:21:46 On 22-Jan-2009, at 16:00 , LENA MATUSOVSKAYA, BLOOMBERG/ 731 LEXIN wrote: Hello, Thank you for answering my quesiton yesterday. I have a new question about allow-query-cache and its effect on a dns server' response resolution time. allow-query-cache specifies which hosts are allowed to get answers from the cache. I'm assuming this is refering to the memory cache. If allow-query-cache is set to none in options/views statement does it mean that the DNS server's query response time would be less efficient/slower than with setting allow-query-cache to any? If the answer is allow-query-cache is leff efficient, is it possible to override the setting for some zones and how? allow-query-cache cannot be used within zone statements. I'm going to assume you're talking about a recursive server and not an authoritative server. You generally do not want to restrict caching by zone, but rather by query source. That is, you want the computers in your network to be able to do recursion (and get responses from cache) for all zones, but you do not want computers outside your network (outside of your control) using your recursive server at all, because that makes you a vector for denial of service against other people's networks. Normally, the setting on a recursive server for allow-query-cache will match your restrictions on recursion. That is, the same clients which are allowed to send recursive queries are allowed to get answers from cache. PGP.sig Description: Binary data ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: allow-query-cache and resolution time
My goal is for my authoritiative server to use its memory cache to reply to the queries its authoritiative for. However, it should not satisfy all other queries - NO to recursion ;) . Overall, I'm wondering what affect setting allow-query-cache to none has on the performance of authoritative name servers. Thank you - Original Message - From: LENA MATUSOVSKAYA (BLOOMBERG/ 731 LEXIN) To: BIND-USERS@lists.isc.org At: 1/22 16:52:12 Thank you Maybe I didn't word my question correctly. allow-query-cache definitions states allow-query-cache specifies which hosts are allowed to get answers from the cache. Which cache is it refering to? Could the cache also contain records which a master server is authoritative for? With allow-query-cache set to none, does it mean a master dns host would forgo looking at its memory cache to serve records its authoritative for? Thank you. - Original Message - From: Matthew Pounsett m...@conundrum.com To: LENA MATUSOVSKAYA (BLOOMBERG/ 731 LEXIN) Cc: BIND-USERS@lists.isc.org At: 1/22 16:21:46 On 22-Jan-2009, at 16:00 , LENA MATUSOVSKAYA, BLOOMBERG/ 731 LEXIN wrote: Hello, Thank you for answering my quesiton yesterday. I have a new question about allow-query-cache and its effect on a dns server' response resolution time. allow-query-cache specifies which hosts are allowed to get answers from the cache. I'm assuming this is refering to the memory cache. If allow-query-cache is set to none in options/views statement does it mean that the DNS server's query response time would be less efficient/slower than with setting allow-query-cache to any? If the answer is allow-query-cache is leff efficient, is it possible to override the setting for some zones and how? allow-query-cache cannot be used within zone statements. I'm going to assume you're talking about a recursive server and not an authoritative server. You generally do not want to restrict caching by zone, but rather by query source. That is, you want the computers in your network to be able to do recursion (and get responses from cache) for all zones, but you do not want computers outside your network (outside of your control) using your recursive server at all, because that makes you a vector for denial of service against other people's networks. Normally, the setting on a recursive server for allow-query-cache will match your restrictions on recursion. That is, the same clients which are allowed to send recursive queries are allowed to get answers from cache. PGP.sig Description: Binary data ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
differences between BIND 9.4 and 9.5
Hello, Could you pls point me to the documentation explaning the major differences between BIND 9.4 and 9.5 releases? I looked at https://www.isc.org/downloadables/11 and didn't find that information. Thank you ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
