Re: what does "max-ncache-ttl 0;" mean?

2016-03-02 Thread Evan Hunt
> So, it might actually mean "as big as possible". > > Consult the source code to be sure. Tony did consult the source code, upthread. And he was correct: for this particular option, zero does mean zero. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc.

RE: what does "max-ncache-ttl 0;" mean?

2016-03-02 Thread Darcy Kevin (FCA)
I wouldn't be so quick to assume that. Nota bene this part of the ARM: "Integers may take values 0 <= value <= 18446744073709551615, though certain parameters (such as max-journal-size) may use a more limited range within these extremes. In most cases, setting a value to 0 does not literally

Re: hhs.gov resolvers broken, or BIND misconfigured?

2016-03-02 Thread James Ralston
On Wed, Mar 2, 2016 at 7:08 AM, Tony Finch wrote: > James Ralston wrote: > > > We're running a recursive resolver on RHEL6, using the latest > > RHEL-provided BIND package, bind-9.8.2-0.37.rc1.el6_7.6. The > > recursive resolver only has an IPv4 interface; it

Re: what does "max-ncache-ttl 0;" mean?

2016-03-02 Thread Matus UHLAR - fantomas
MURTARI, JOHN wrote: So far, all the postings I've seen just echo what he already said (and knows). The question is - what happens when you set it to ZERO? I'm wondering myself - anyone have a real answer? On 02.03.16 13:29, Tony Finch wrote: The code says zero means zero,

Re: what does "max-ncache-ttl 0;" mean?

2016-03-02 Thread Tony Finch
MURTARI, JOHN wrote: > > So far, all the postings I've seen just echo what he already said (and > knows). The question is - what happens when you set it to ZERO? > > I'm wondering myself - anyone have a real answer? The code says zero means zero, so in effect it would disable

Re: what does "max-ncache-ttl 0;" mean?

2016-03-02 Thread MURTARI, JOHN
Folks, Never has so little been said by so many? The OP asked: == man pages for named.conf says "max-ncache-ttl " and only talks about default values and max values - no mention of minimum-value. Does "max-ncache-ttl 0;" mean never cache negative queries (queries resulting

Re: hhs.gov resolvers broken, or BIND misconfigured?

2016-03-02 Thread Tony Finch
James Ralston wrote: > > We're running a recursive resolver on RHEL6, using the latest > RHEL-provided BIND package, bind-9.8.2-0.37.rc1.el6_7.6. The > recursive resolver only has an IPv4 interface; it does not have an > IPv6 interface. DNSSEC is enabled (by default). Dunno