[Pdns-users] max-negative-ttl does not work

[Stefan Priebe - Profihost AG]

Hi,

Am 09.01.19 um 09:53 schrieb Nico CARTRON:
> On 09-Jan-2019 09:39 CET, <s.priebe at profihost.ag> wrote:
> 
>> Hi Nico,
>>
>> Am 09.01.19 um 09:33 schrieb Nico CARTRON:
>>> Hi Stefan,
>>>
>>> On 09-Jan-2019 09:19 CET, <s.priebe at profihost.ag> wrote:
>>>
>>>> Dear List,
>>>>
>>>> i'm trying to get max-negative-ttl to work but i can't.
>>>>
>>>> # dpkg -s pdns-recursor  | grep Version
>>>> Version: 4.1.8-1pdns.stretch
>>>>
>>>> # grep max-negative-ttl /etc/powerdns/recursor.conf
>>>> max-negative-ttl=30
>>>>
>>>> # dig -t A unknowndomainxyz.multi.hiddendomain.de
>>>> ...
>>>> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26437
>>>> ...
>>>>
>>>> dumped cache:
>>>>
>>>> # grep "unknowndomainxyz.multi.hiddendomain.de" /cachefile
>>>> unknowndomainxyz.multi.hiddendomain.de. 3588 A  ; tag 0
>>>>
>>>> Why is the TTL 3588 when max-negative-ttl is set to 30?
>>>
>>> Just did a quick check on one of my Recursor, version 4.1.8 running on
>>> FreeBSD, and max-negative-ttl works as expected (i.e. if I set it to 30
>>> seconds, I correctly get this back, should it be with a dig or when
>>> dumping the cache).
>>>
>>> Did you forget to restart the recursor after having changed the value in
>>> the recursor.conf? Cause the 3600 value is the default one.
>>
>> No it was def. restarted after changing the config.
>>
>> See below:
>> # rec_control get-parameter max-negative-ttl
>> max-negative-ttl="30"
>>
>> Greets,
>> Stefan
>>
> 
> So I did the test on a Debian Stretch, with the same version as you:
> 
> root at vm-pdns1-lab:/etc/powerdns# dpkg -s pdns-recursor |grep Version
> Version: 4.1.8-1pdns.stretch
> 
> and I also got it working.
> 
> Do you mind sharing your entire recursor.conf configuration file?

Do i can provide it - just an idea. I'm talking about a Subdomain wich
is missing / NXDOAIN - the domain itself exists with a TTL of 3600.

Did you test a subdomain, where the real domain exists?

Greets,
Stefan