[Pdns-users] negative query caching for a delegated sub domain

aldus jung aldusj99 at gmail.com
Mon Jun 28 23:19:11 UTC 2010 

We are running BIND version 9.7.0 environment with a delegated subdomain
that is powered by pdns authoritative servers, and we have been noticing
negative caching behavior on the subdomain that's unexpected.  This may not
be a bug, but rather my lack of understanding of pdns.. so I am hoping that
someone on this forum could help in explaining this behavior.   (I've
changed the actual domain names as they are only used in our internal
network.)

So we have abc.com that BIND 9.7.0 is authoritative for.  And in named.hosts
of (host: bind1.abc.com), we have:

xyz         30  IN   NS         pdns1.abc.com.
xyz         30  IN   NS         pdns2.abc.com.


On bind1.abc.com, if you query for a host that doesn't exist, this is dig's
output:
> dig nohost.xyz.abc.com @bind1.abc.com
; <<>> DiG 9.3.5-P1 <<>> nohost.xyz.abc.com @bind1.abc.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1298
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;nohost.xyz.abc.com.                IN      A

;; AUTHORITY SECTION:
xyz.abc.com.     10800   IN      SOA     localhost. admin.abc.com. 1 60 3600
604800 3600

My question is, where is the '10800' coming from?  The SOA record on
pdns[12].abc.com has TTL of '86400'
Also, when I check the cache on bind1.abc.com, by doing: rndc -c rndc.conf
dumpdb -all, I see:

nohost.xyz.abc.com. 10796 \-ANY  ;-$NXDOMAIN
; xyz.abc.com. SOA localhost. admin.abc.com. 1 60 3600 604800 3600
; authauthority


Once we actually add 'nohost.xyz.abc.com' A record to the mysql database, it
takes significantly longer than 3600 seconds for the A record to resolve on
bind1.abc.com.

We are running pdns-2.9.22 with mysql backend on Linux 2.6.18.

In the 'records' table, the SOA looks like this:
id, name, domain_id, type, content, ttl, prio, change_date,
1, xyz.abc.com, 1, SOA, localhost admin at abc.com 1, 86400, NULL, NULL

In the 'domains' table:
id, master, name, last_check, type, notified_serial, account
1, NULL, xyz.abc.com, NULL, NATIVE, NULL,

________________________________
I've also set soa-refresh-default to '60' as it was the only place in the
pdns.conf where I saw '10800'.  And as you can see from the SOA entry, it
correctly shows 60 for the SOA refresh.

If there are additional information that's needed to solve this puzzle,
please let me know.  thanks for all your help.

AJ
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20100628/7743f07a/attachment.html>

More information about the Pdns-users mailing list