[Pdns-users] Packet cache + allow-recursion
Norbert Sendetzky
norbert at linuxnetworks.de
Sun Feb 1 19:22:03 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all
I've found a negative side effect of the "whole packet caching" in
combination with the allow-recursion feature:
If a query is started from a host which is not allowed to get
recursive answers, it will get a response "NXDOMAIN". This response
is cached and if now another host (this one is allowed to do
recursive queries) questions for the same record, it will get the
same answer instead of the correct one.
The other way (allowed host first) round the same happens and the host
which isn't allow to recurse get the answer of the first question.
I don't know how to fix this soon, so be careful about the
allow-recursion feature, especially if you're cache ttls are high.
Norbert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAkAdUdsACgkQxMLs5v5/7eDsYACffEyp2DttClhI/3g/n2OJA82M
wo8An2zILw8gT1lr/WuI3qQhRuA6de/W
=BIKV
-----END PGP SIGNATURE-----
More information about the Pdns-users
mailing list