[Pdns-users] Recursor: behaviour of packet cache
Remi Gacogne
remi.gacogne at powerdns.com
Thu Mar 16 13:07:16 UTC 2017
On 03/16/2017 01:00 PM, Brian Candler wrote:
> Question 1: does this mean that the packet cache includes the source
> IP address when deciding whether this is the "same" query or not?
No, it doesn't.
> Or was it other subtle differences between the query content, e.g.
> flags, which made them be treated differently? (Different clients
> have different versions of "dig")
Yes, in your tcpdump below we see that the first query doesn't have an
EDNS OPT record while the second one has one. The packet cache treats
them as different queries, as it has to because you can't reply to an
EDNS-ignorant query with an EDNS-enabled response.
> Question 2: how long before the packet cache entries expire,
> especially with regards to negative caching? Is it controlled by the
> SOA record?
A response is kept in the cache for at most packetcache-ttl, and even
less if any TTL in the response is lower than this value.
> That is, does the packet cache honour the negative cache of 3600
> seconds here?
No, but the default value of packetcache-ttl happens to be 3600 too
(https://doc.powerdns.com/md/recursor/settings/#packetcache-ttl).
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20170316/3ee20ad6/attachment.sig>
More information about the Pdns-users
mailing list