Date: Thu, 17 May 2007 04:11:27 +1000 From: Mikhail Goriachev <mikhailg@webanoide.org> To: Jack Barnett <jackbarnett@gmail.com> Cc: freeBSD <freebsd-questions@freebsd.org> Subject: Re: DNS Cache - Bind Message-ID: <464B494F.4090001@webanoide.org> In-Reply-To: <dedb607c0705151945s3fbc4011wad5bdd6cf90dfba6@mail.gmail.com> References: <dedb607c0705151945s3fbc4011wad5bdd6cf90dfba6@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Jack Barnett wrote: > I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. > > It doesn't have any zones, it's just a local DNS that has a bunch of forwarders. > > The first request is slow (between 150 and 300 ms) - but after that > (the next query on same domain) is fast (less then 10 ms usually). > This is nice and working the way I like it. :) > > What I'm wondering though is: > > a) How do I flush the cache if I need to (ie. need to get a new update > from the forwards) - just restart named? # man rndc # rndc flush > b) Are there any settings I can tweak that determine how long the > cache is kept? (ie. Say I want to keep all queries for 7 days before > they are queried from the upstream DNS servers). [This will probably > screw up dynamic DNS sites, but want to see what settings are > available] # man named.conf But this is what you're after: max-cache-ttl integer; www.isc.org has a lot more (detailed) info. > c) Is there a easy way to 'blacklist' sites? Say I want > 'SpammerNetwork.com' to resolve to 127.0.0.1. This is a great start: http://www.cymru.com/Documents/secure-bind-template.html > Basically I want to take this host file: > http://www.mvps.org/winhelp2002/hosts.htm > and then pump it into my DNS server, that way all the LAN clients are > "protected" from these sites. > Is there a way to do that? Regards, Mikhail. -- Mikhail Goriachev Webanoide Telephone: +61 (0)3 62252501 Mobile Phone: +61 (0)4 38255158 E-Mail: mikhailg@webanoide.org Web: www.webanoide.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?464B494F.4090001>