Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 17 May 2007 04:11:27 +1000
From:      Mikhail Goriachev <mikhailg@webanoide.org>
To:        Jack Barnett <jackbarnett@gmail.com>
Cc:        freeBSD <freebsd-questions@freebsd.org>
Subject:   Re: DNS Cache - Bind
Message-ID:  <464B494F.4090001@webanoide.org>
In-Reply-To: <dedb607c0705151945s3fbc4011wad5bdd6cf90dfba6@mail.gmail.com>
References:  <dedb607c0705151945s3fbc4011wad5bdd6cf90dfba6@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Jack Barnett wrote:
> I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network.
> 
> It doesn't have any zones, it's just a local DNS that has a bunch of forwarders.
> 
> The first request is slow (between 150 and 300 ms) - but after that
> (the next query on same domain) is fast (less then 10 ms usually).
> This is nice and working the way I like it. :)
> 
> What I'm wondering though is:
> 
> a) How do I flush the cache if I need to (ie. need to get a new update
> from the forwards) - just restart named?


# man rndc

# rndc flush


> b) Are there any settings I can tweak that determine how long the
> cache is kept?  (ie. Say I want to keep all queries for 7 days before
> they are queried from the upstream DNS servers).  [This will probably
> screw up dynamic DNS sites, but want to see what settings are
> available]


# man named.conf

But this is what you're after:

max-cache-ttl integer;


www.isc.org has a lot more (detailed) info.


> c) Is there a easy way to 'blacklist' sites?  Say I want
> 'SpammerNetwork.com' to resolve to 127.0.0.1.


This is a great start:

http://www.cymru.com/Documents/secure-bind-template.html


> Basically I want to take this host file:
> http://www.mvps.org/winhelp2002/hosts.htm
> and then pump it into my DNS server, that way all the LAN clients are
> "protected" from these sites.
> Is there a way to do that?


Regards,
Mikhail.

-- 
Mikhail Goriachev
Webanoide

Telephone: +61 (0)3 62252501
Mobile Phone: +61 (0)4 38255158
E-Mail: mikhailg@webanoide.org
Web: www.webanoide.org

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?464B494F.4090001>