From owner-freebsd-hackers@FreeBSD.ORG  Tue Oct 11 04:51:09 2011
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CD6D9106566B;
	Tue, 11 Oct 2011 04:51:09 +0000 (UTC)
	(envelope-from perryh@pluto.rain.com)
Received: from agora.rdrop.com (agora.rdrop.com [IPv6:2607:f678:1010::34])
	by mx1.freebsd.org (Postfix) with ESMTP id A556C8FC08;
	Tue, 11 Oct 2011 04:51:09 +0000 (UTC)
Received: from agora.rdrop.com (66@localhost [127.0.0.1])
	by agora.rdrop.com (8.13.1/8.12.7) with ESMTP id p9B4p7xW029693
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Mon, 10 Oct 2011 21:51:08 -0700 (PDT)
	(envelope-from perryh@pluto.rain.com)
Received: (from uucp@localhost)
	by agora.rdrop.com (8.13.1/8.12.9/Submit) with UUCP id p9B4p7IE029691; 
	Mon, 10 Oct 2011 21:51:07 -0700 (PDT)
Received: from fbsd81 ([192.168.200.81]) by pluto.rain.com
	(4.1/SMI-4.1-pluto-M2060407) id AA14543; Mon, 10 Oct 11 21:43:53 PDT
Date: Tue, 11 Oct 2011 04:42:58 -0700
From: perryh@pluto.rain.com
To: dougb@freebsd.org
Message-Id: <4e942bc2.diL95Gr/XYELJ+gj%perryh@pluto.rain.com>
References: <20111004160043.GA16034@lpthe.jussieu.fr>
	<051853CE-03EC-4EEC-A5AC-C380131B28E4@gsoft.com.au>
	<alpine.BSF.2.00.1110050931310.18373@mail.fig.ol.no>
	<j6k00t$2tk$1@dough.gmane.org>
	<4e8f073c.3g2aD/Zz9KdsWOKN%perryh@pluto.rain.com>
	<CAFHbX1LN5zidePrusaSyD_nE79VwbjNpc4s7TwMszYKBK=n4NQ@mail.gmail.com>
	<CANkaO_ESdeoSiuwatqaPEY+DDN8eGGj_ymPsxOsu9AOtHX6ydQ@mail.gmail.com>
	<CAHHaOuYkhYp_x5ONbRcr_8Zb6ZcyPaZZvG02f6f1+8XyQYUe+g@mail.gmail.com>
	<4E935105.1090602@FreeBSD.org>
In-Reply-To: <4E935105.1090602@FreeBSD.org>
User-Agent: nail 11.25 7/29/05
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: freebsd-hackers@freebsd.org
Subject: Re: Does anyone use nscd?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Oct 2011 04:51:09 -0000

Doug Barton <dougb@freebsd.org> wrote:

> On 10/10/2011 11:55, David Brodbeck wrote:
> > Is there any reason to cache negative hits?
>
> It's very important for DNS since there are a fairly large number
> of misbehaving applications that don't stop querying until they
> get some kind of answer.

Would this need be sufficiently covered if negative cache timeout
were set to, say, 1/4 of a second?  That should be short enough
to cover virtually any instance in which a missing entry is added
manually and the new entry then needs to be found.

> And speaking of DNS, while I think that improving nscd is a good
> goal I wonder how much use it will be in the world to come when
> DNSSEC becomes more important ...

Is there something about DNSSEC that makes it fundamentally
incompatible with a local cache such as nscd, or is it simply
a matter of nscd needing a bit of work to support DNSSEC?