From owner-freebsd-hackers@FreeBSD.ORG Tue Oct 11 08:32:16 2011 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A3608106566B for ; Tue, 11 Oct 2011 08:32:16 +0000 (UTC) (envelope-from realbushman@gmail.com) Received: from mail-qy0-f182.google.com (mail-qy0-f182.google.com [209.85.216.182]) by mx1.freebsd.org (Postfix) with ESMTP id 4799E8FC08 for ; Tue, 11 Oct 2011 08:32:15 +0000 (UTC) Received: by qyk4 with SMTP id 4so6586719qyk.13 for ; Tue, 11 Oct 2011 01:32:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=AE8/ghhcehVBFXzGAlfo/nHsk2IamVH7Ueblpsbmyj8=; b=uK7bxJCxWQ7/5y3Kzij9htB7/T+ngz7AWgM1giMUKft6h/dIAsECcoAc7ffr0JWooX 7Kk4z5PQEesgRoFPLlBKWT8OVe8s/o8zQPHSA1szgcxevvT0YyszhahbYVvKQd9yamcg iU92rMB7sDeouDkgNOOfq47tbyrJc1OgbFYbQ= MIME-Version: 1.0 Received: by 10.229.228.4 with SMTP id jc4mr2087179qcb.173.1318321935364; Tue, 11 Oct 2011 01:32:15 -0700 (PDT) Sender: realbushman@gmail.com Received: by 10.229.8.66 with HTTP; Tue, 11 Oct 2011 01:32:15 -0700 (PDT) In-Reply-To: <4e942bc2.diL95Gr/XYELJ+gj%perryh@pluto.rain.com> References: <20111004160043.GA16034@lpthe.jussieu.fr> <051853CE-03EC-4EEC-A5AC-C380131B28E4@gsoft.com.au> <4e8f073c.3g2aD/Zz9KdsWOKN%perryh@pluto.rain.com> <4E935105.1090602@FreeBSD.org> <4e942bc2.diL95Gr/XYELJ+gj%perryh@pluto.rain.com> Date: Tue, 11 Oct 2011 10:32:15 +0200 X-Google-Sender-Auth: AX2GkiLvr2oV5iu4PV9s_zFtj3s Message-ID: From: Michael Bushkov To: perryh@pluto.rain.com Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, dougb@freebsd.org Subject: Re: Does anyone use nscd? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Oct 2011 08:32:16 -0000 On Tue, Oct 11, 2011 at 1:42 PM, wrote: > Doug Barton wrote: > >> On 10/10/2011 11:55, David Brodbeck wrote: >> > Is there any reason to cache negative hits? >> >> It's very important for DNS since there are a fairly large number >> of misbehaving applications that don't stop querying until they >> get some kind of answer. > > Would this need be sufficiently covered if negative cache timeout > were set to, say, 1/4 of a second? =A0That should be short enough > to cover virtually any instance in which a missing entry is added > manually and the new entry then needs to be found. You can actually change negative caching timeout as well as turn it off completely. There's negative-time-to-live option in nscd.conf (see http://www.freebsd.org/cgi/man.cgi?query=3Dnscd.conf). Unfortunately it accepts only integer number of seconds, so 1/4 of a second is impossible. But you can turn negative caching off completely by setting negative-time-to-live to 0. > >> And speaking of DNS, while I think that improving nscd is a good >> goal I wonder how much use it will be in the world to come when >> DNSSEC becomes more important ... > > Is there something about DNSSEC that makes it fundamentally > incompatible with a local cache such as nscd, or is it simply > a matter of nscd needing a bit of work to support DNSSEC? > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org= " > >