[dnsdist] Caching reverse lookups

Nico CARTRON nicolas at ncartron.org
Fri May 24 14:19:20 UTC 2019


Hi Jon,

[answering late, but better late than never ;)]

On 19-Mar-2019 22:02 CET, <radelj at folioinvesting.com> wrote:

> On 3/19/19 4:56 PM, Alan Clegg wrote:
> > On 3/19/19 4:51 PM, Jon Radel wrote:
> > > To add a bit more information:  It turns out to matter how I do the
> > > query.  If I do the query using dig 9.11.3 as shipped with Ubuntu, it
> > > doesn't get cached.  If I do the query with host, it does get cached.
> > > Which led me to the thought that being a bit less clever with dig
> > > options might help.  With the +noedns flag, bind queries are also cached.
> > > 
> > > I'd love an explanation of why this is.
> > DNS Cookies.   https://tools.ietf.org/html/rfc7873
> > 
> > AlanC
> 
> Ah, indeed the +nocookie flag on bind is sufficient to change the behavior. 
> What value is there to caching the response in this case?  I would hope that
> cookie values wouldn't repeat often enough to make caching of value.

Correct me if I'm wrong, but when querying using recent dig (i.e. with DNS
Cookies enabled), dnsdist does not cache answers.
If you add +nocookie, then dnsdist caches the answer, right?

I'd say this is the expected behaviour: as you said, it doesn't make a lot of
sense to cache answers with cookies, as they are not really likely to be
repeated a lot.

Cheers,

-- 
Nico
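
Added example, not part of the original message and not dnsdist's code: a model of why a per-client DNS Cookie defeats a packet cache, assuming the cache keys on the raw query bytes after the query ID. The function names, the sample name and the cookie values are constructed for illustration.

```python
import hashlib, os, struct

COOKIE = 10  # EDNS option code for DNS Cookies (RFC 7873)

def build_query(name, cookie=None, qtype=12):
    """Wire-format PTR query with an OPT RR; cookie is an 8-byte client cookie."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    txid = int.from_bytes(os.urandom(2), "big")       # random per query, like dig
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    opts = struct.pack("!HH", COOKIE, len(cookie)) + cookie if cookie else b""
    # OPT RR: root name, type 41, class = UDP size, TTL = flags, then rdlen
    opt = b"\x00" + struct.pack("!HHIH", 41, 4096, 0, len(opts)) + opts
    return header + qname + struct.pack("!HH", qtype, 1) + opt

def key_raw(pkt):
    """Model cache key (assumption): hash of everything after the 2-byte query ID."""
    return hashlib.sha256(pkt[2:]).hexdigest()

def key_skip_cookie(pkt):
    """Same key, but with the COOKIE option left out of the hashed bytes."""
    off = 12
    while pkt[off]:                 # walk the QNAME labels
        off += pkt[off] + 1
    off += 1 + 4 + 9                # root label, qtype/qclass, OPT fixed part
    rdlen, = struct.unpack_from("!H", pkt, off)
    h = hashlib.sha256(pkt[2:off])  # rdlen is excluded: it changes with the cookie
    pos, end = off + 2, off + 2 + rdlen
    while pos < end:
        code, length = struct.unpack_from("!HH", pkt, pos)
        if code != COOKIE:
            h.update(pkt[pos:pos + 4 + length])
        pos += 4 + length
    return h.hexdigest()

# Constructed sample: the same reverse lookup sent three times.
NAME = "4.3.2.1.in-addr.arpa"
q1 = build_query(NAME, cookie=bytes.fromhex("0102030405060708"))
q2 = build_query(NAME, cookie=bytes.fromhex("a1a2a3a4a5a6a7a8"))
q3 = build_query(NAME)  # no cookie option, like dig +nocookie

if __name__ == "__main__":
    print("raw keys match across cookies:", key_raw(q1) == key_raw(q2))
    print("cookie-skipping keys match:   ",
          key_skip_cookie(q1) == key_skip_cookie(q2) == key_skip_cookie(q3))
```

A cache that ignores the cookie when computing the key also has to avoid replaying the cookie stored in the cached response to a different client.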

