cache-max-ttl
Daisuke HIGASHI
daisuke.higashi at gmail.com
Sat Dec 1 16:12:47 UTC 2018
Hi,
The cache-max-ttl option defines the upper bound of an RRset's TTL,
but the initial TTL value _shown_ in Unbound's response is the original TTL, e.g.:
original TTL: 86400
cache-max-ttl: 300
1. TTL value just after RRsets cached: 86400
2. TTL value after 100 seconds: 86300
3. TTL value after 299 seconds: 86101
4. TTL value after 300 seconds: (expired)
This is documented behavior, but it is problematic if there is a caching DNS proxy
(e.g. a home router) between Unbound and the client. The DNS proxy will cache
RRsets with the large (86400) TTL and hold them for a long time regardless of
cache-max-ttl.
I think that Unbound's implementation should be changed so that
cache-max-ttl also defines the upper bound of the initial TTL shown
in Unbound's response, like this:
1. TTL value just after RRsets cached: 300
2. TTL value after 100 seconds: 200
3. TTL value after 299 seconds: 1
4. TTL value after 300 seconds: (expired)
A quick hack patch is attached.
Is it useful? And is it harmless to existing Unbound deployments?
Regards,
--
Daisuke HIGASHI
-------------- next part --------------
A non-text attachment was scrubbed...
Name: min-ttl.patch
Type: application/octet-stream
Size: 510 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20181202/c27b7841/attachment.obj>
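
Added example, not part of the original message or of the attached patch: a small Python model of the two TTL sequences listed in the message and of a downstream caching proxy that trusts the TTL it receives. The class names, the 60-second client query interval and the one-day window are assumptions made for illustration.

```python
# Toy model of the behaviour described in the message; not Unbound source code.
class Resolver:
    """Upstream resolver whose cache lifetime is capped by cache-max-ttl."""
    def __init__(self, max_ttl, clamp_shown):
        self.max_ttl = max_ttl
        self.clamp_shown = clamp_shown  # False: current behaviour, True: proposal
        self.stored_at = None

    def query(self, now, origin_ttl):
        lifetime = min(origin_ttl, self.max_ttl)
        if self.stored_at is None or now - self.stored_at >= lifetime:
            self.stored_at = now  # entry expired: refetch from the origin
        initial = lifetime if self.clamp_shown else origin_ttl
        return initial - (now - self.stored_at)


class Proxy:
    """Downstream caching proxy (hypothetical) that trusts the TTL it is given."""
    def __init__(self, upstream):
        self.upstream = upstream
        self.expires = None
        self.upstream_queries = 0

    def query(self, now, origin_ttl):
        if self.expires is None or now >= self.expires:
            self.expires = now + self.upstream.query(now, origin_ttl)
            self.upstream_queries += 1
        return self.expires - now


def shown_ttls(clamp_shown, times=(0, 100, 299), origin_ttl=86400, max_ttl=300):
    """TTLs the resolver reports at the given seconds after caching."""
    r = Resolver(max_ttl, clamp_shown)
    return [r.query(t, origin_ttl) for t in times]


def proxy_refreshes(clamp_shown, origin_ttl=86400, max_ttl=300, day=86400, step=60):
    """How often the proxy re-asks the resolver when a client queries every `step` s."""
    proxy = Proxy(Resolver(max_ttl, clamp_shown))
    for now in range(0, day, step):
        proxy.query(now, origin_ttl)
    return proxy.upstream_queries


if __name__ == "__main__":
    for clamp in (False, True):
        print(clamp, shown_ttls(clamp), proxy_refreshes(clamp))
```

With the unclamped TTL the proxy asks the resolver once and then serves its own copy for the whole day; with the clamped TTL it comes back every 300 seconds.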