We are running BIND version 9.7.0 environment with a delegated subdomain that is powered by pdns authoritative servers, and we have been noticing negative caching behavior on the subdomain that's unexpected. This may not be a bug, but rather my lack of understanding of pdns.. so I am hoping that someone on this forum could help in explaining this behavior. (I've changed the actual domain names as they are only used in our internal network.)<div>
<br></div><div>So we have <a href="http://abc.com">abc.com</a> that BIND 9.7.0 is authoritative for. And in named.hosts of (host: <a href="http://bind1.abc.com">bind1.abc.com</a>), we have:</div><div><br></div><div>xyz 30 IN NS <a href="http://pdns1.abc.com">pdns1.abc.com</a>.</div>
<div>xyz 30 IN NS <a href="http://pdns2.abc.com">pdns2.abc.com</a>.<br><div><br></div><div><br><div>On <a href="http://bind1.abc.com">bind1.abc.com</a>, if you query for a host that doesn't exist, this is dig's output:</div>
<div>> dig <a href="http://nohost.xyz.abc.com">nohost.xyz.abc.com</a> @<a href="http://bind1.abc.com">bind1.abc.com</a></div><div><div>; <<>> DiG 9.3.5-P1 <<>> <a href="http://nohost.xyz.abc.com">nohost.xyz.abc.com</a> @<a href="http://bind1.abc.com">bind1.abc.com</a></div>
<div>;; global options: printcmd</div><div>;; Got answer:</div><div>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1298</div><div>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0</div>
<div><br></div><div>;; QUESTION SECTION:</div><div>;<a href="http://nohost.xyz.abc.com">nohost.xyz.abc.com</a>. IN A</div><div><br></div><div>;; AUTHORITY SECTION:</div><div><a href="http://xyz.abc.com">xyz.abc.com</a>. 10800 IN SOA localhost. <a href="http://admin.abc.com">admin.abc.com</a>. 1 60 3600 604800 3600</div>
</div><div><br></div><div><div>My question is, where is the '10800' coming from? The SOA record on pdns[12].<a href="http://abc.com">abc.com</a> has TTL of '86400'</div><div>Also, when I check the cache on <a href="http://bind1.abc.com">bind1.abc.com</a>, by doing: rndc -c rndc.conf dumpdb -all, I see:</div>
<div><div><br></div><div><a href="http://nohost.xyz.abc.com">nohost.xyz.abc.com</a>. 10796 \-ANY ;-$NXDOMAIN</div><div>; <a href="http://xyz.abc.com">xyz.abc.com</a>. SOA localhost. <a href="http://admin.abc.com">admin.abc.com</a>. 1 60 3600 604800 3600</div>
<div>; authauthority</div></div><div><br></div><div><br></div><div>Once we actually add '<a href="http://nohost.xyz.abc.com">nohost.xyz.abc.com</a>' A record to the mysql database, it takes significantly longer than 3600 seconds for the A record to resolve on <a href="http://bind1.abc.com">bind1.abc.com</a>.</div>
<div><br></div><div>We are running pdns-2.9.22 with mysql backend on Linux 2.6.18.</div><div><br></div><div>In the 'records' table, the SOA looks like this:</div><div>id, name, domain_id, type, content, ttl, prio, change_date, </div>
<div>1, <a href="http://xyz.abc.com">xyz.abc.com</a>, 1, SOA, localhost <a href="mailto:admin@abc.com">admin@abc.com</a> 1, 86400, NULL, NULL</div><div><br></div><div>In the 'domains' table:</div><div>id, master, name, last_check, type, notified_serial, account</div>
<div>1, NULL, <a href="http://xyz.abc.com">xyz.abc.com</a>, NULL, NATIVE, NULL,</div><div><br></div><div>________________________________</div><div>I've also set soa-refresh-default to '60' as it was the only place in the pdns.conf where I saw '10800'. And as you can see from the SOA entry, it correctly shows 60 for the SOA refresh.</div>
<div><br></div><div>If there are additional information that's needed to solve this puzzle, please let me know. thanks for all your help.</div><div><br></div><div>AJ</div><div><br></div><div><br></div><div><br></div>
<div><br></div></div></div></div>