serve-expired: "yes" and cache-min-ttl: 30 unsafe?
Nick Urbanik
nicku at nicku.org
Thu Oct 25 07:10:37 UTC 2018
Dear Folks,
Thank you for an excellent piece of software.
I am puzzled by the behaviour of our multi-level DNS system which
answered many queries for names having shorter TTLs with SERVFAIL.
By multilevel, I mean clients talk to one server, which forwards to
another, and for some clients, there is a third level of caching.
So it was unwise to add:
serve-expired: "yes"
cache-min-ttl: 30
to the server section of these DNS servers running unbound 1.6.8 on
up to date RHEL 7? Please could anyone cast some light on why this
was so? I will be spending some time examining the cause.
If you need more information, please let me know.
--
Nick Urbanik http://nicku.org nicku at nicku.org
GPG: 7FFA CDC7 5A77 0558 DC7A 790A 16DF EC5B BB9D 2C24 ID: BB9D2C24
More information about the Unbound-users
mailing list