[FC3] Sites 'disappearing' from DNS
Nigel Wade
nmw at ion.le.ac.uk
Thu Apr 7 10:17:40 UTC 2005
Andy Green wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Nigel Wade wrote:
>
> | Given that nscd is the "problem", you can alter the time for which nscd
> | caches failed DNS lookups. In /etc/nscd.conf change the timeout value in
> |
> | negative-time-to-live hosts 300
> |
> | to a smaller value than 300 seconds.
>
> As I understand it the behaviour of ncsd is just a symptom of the "real"
> problem which is wrongful intermittent failed lookups, presumably due to
> a timed-out lookup. One might imagine it would be better to treat that
> disease than just try to minimize the pain by reducing the negative time
> to live?
>
DNS timeouts are a fact of life, they are not "wrongful", you have to live
with them. If your DNS server doesn't have an entry for the hostname you
request (all entries have a fixed TTL), then it has to request it from its
upstream server. This goes all the way up to a top level domain, and then
back down to the authoritative server for the domain in question. If this
takes longer than 30s (the ususal timeout for DNS lookup) then you get a
failed lookup returned by your DNS server. You can't treat it, it isn't a
"disease", it's part of the way DNS works.
The root of this particular problem is that nscd caches this failed lookup
for you, DNS does not.
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw at ion.le.ac.uk
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
More information about the fedora-list
mailing list