Bind Caching Nameserver <was: Re: [CentOS] Caching nameserver -- Name Services Cache Daemon (nscd)>
William Warren
hescominsoon at emmanuelcomputerconsulting.com
Wed Aug 10 17:10:28 UTC 2005
it is looking like it's partially windows brain dead dns caching as
well. The caching is now working..I just need tog et the reverse
lookups working so nslookup will like it. Right now there's a two
second pause while my windows client tries to wait for the reverse
lookup then it goes ahead and uses the server i specified. Once we get
all the kinks out then i can set my firewalls dhcp server to hand out
Enoch as the primary(and only) dns server..:)
William Warren <hescominsoon at emmanuelcomputerconsulting.com>
wrote:
>> Let me restate what i am trying to do and the original
>> error: I have a centos-4 machine that acts as a samba
>> file server and my ntp time server. I now want to have it
>> be a dns caching name server for my network since my
>> firewall's caching is not long enough for me.
Are you sure it's the server?
Most firewalls these days are BSD (including variants
like VxWorks) and Linux network stacks and use BIND or
another POSIX DNS service.
As I mentioned in a previous post:
http://lists.centos.org/pipermail/centos/2005-August/009553.html
Windows NT5+ (2000+) client systems have a _flawed_,
_default_ logic to "hold down" DNS resolution upon failure.
That means if a DNS resolution fails, Windows clients will
_not_ requery the server _until_ that timeout passes. There
is a registry hack to change this as follows:
[ From http://www.winguides.com/registry/display.php/1203/ ]
'To change the DNS cache timeout for negative responses
(where a lookup failed).
Windows 2000 - Create or modify the DWORD value called
"NegativeCacheTime".
Windows XP and .NET Server 2003 - Create or modify the
DWORD value called "MaxNegativeCacheTtl".
Set the value to equal the required timeout in seconds
the default is 300 (5 minutes).
Restart Windows for the changes to take effect.'
It's my #1 recommendation until you resolve the problem.
UNIX clients/resolvers _never_ (AFAIK) cache a "failure,"
only Windows -- which I think is flawed, but there is a
reason for it (that has to do with legacy SMB file/print).
Regardless of what solution you come to on the server,
consider doing the above.
-- Bryan J. Smith | Sent from Yahoo Mail mailto:b.j.smith at ieee.org |
(please excuse any http://thebs413.blogspot.com/ | missing headers)
_______________________________________________ CentOS mailing list
CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos .
More information about the CentOS
mailing list