On 03.06.2015 at 09:14, Petr Spacek wrote:
>> so with setup a dns cache on each and every machine you fuckup your network because you introduce the same negative TTL caching affecting OSX clients for years now
>
> Please let me clarify a few things:
>
> 1) Negative caching is controlled by the zone owner. If you are not happy that OSX/Windows clients cache negative answers for zones your company uses - no problem, set the SOA minimum field to 1 second and be done with that.

bad idea when you maintain public nameservers for some hundred domains just because of broken client software

> 2) Even if you have a setup with site-wide caching resolvers, the responses from internal zones are cached anyway because all resolvers are not authoritative for all zones you care about (unless you are on a really small network).

they are and that doesn't depend on the network size

> I.e. if the caching is a problem you have the problem even nowadays. The positive caching is controlled by the zone owner, too. If you are worried about stale data on clients, go and lower the TTL to 1 second.

keep your cynicism for yourself

lowering a TTL to 1 second is pure stupidity and without broken client software not needed in a network with authoritative nameservers where zone data is also shared with *public nameservers*

> Lowering the TTL should work for all clients, no matter if they have a local cache or not, i.e. including Windows/OSX.

lowering TTLs to fix stupid client defaults is not a fix

> Hopefully this shows that the problem is not *technically* caused by caching on clients but by inappropriate TTL settings in zones. As a network administrator, you have the power to fix that centrally, without a need to touch every single client.

sorry, but that is complete nonsense
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
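
The following is an added example, not part of this message or of the thread. It shows how a caching client derives the negative-caching lifetime that both posters are arguing about, using the RFC 2308 rule that the negative TTL is the smaller of the SOA record's own TTL and its MINIMUM field, and how long a newly created name stays invisible to such a client. The zone name, the SOA values and all function names are constructed for illustration.

```python
import re

# Constructed sample: authority section of an NXDOMAIN answer in dig's
# presentation format (example.test is a placeholder zone).
SAMPLE_AUTHORITY = (
    "example.test. 900 IN SOA ns1.example.test. hostmaster.example.test. "
    "2015060301 7200 3600 1209600 3600"
)

SOA_RE = re.compile(
    r"^(?P<owner>\S+)\s+(?P<ttl>\d+)\s+IN\s+SOA\s+(?P<mname>\S+)\s+(?P<rname>\S+)\s+"
    r"(?P<serial>\d+)\s+(?P<refresh>\d+)\s+(?P<retry>\d+)\s+(?P<expire>\d+)\s+"
    r"(?P<minimum>\d+)\s*$"
)

def negative_ttl(soa_line):
    """RFC 2308 section 5: negative TTL = min(TTL of the SOA RR, SOA MINIMUM)."""
    m = SOA_RE.match(soa_line.strip())
    if not m:
        raise ValueError("not an SOA record in presentation format")
    return min(int(m["ttl"]), int(m["minimum"]))

class NegativeCache:
    """Minimal client-side negative cache that honours the zone's negative TTL."""
    def __init__(self):
        self._expires = {}  # lower-cased name -> absolute expiry time (seconds)

    def store_nxdomain(self, name, soa_line, now):
        self._expires[name.lower()] = now + negative_ttl(soa_line)

    def is_cached_nxdomain(self, name, now):
        expiry = self._expires.get(name.lower())
        if expiry is None:
            return False
        if now >= expiry:
            # Entry has aged out: the next lookup goes back to the resolver.
            del self._expires[name.lower()]
            return False
        return True

def seconds_hidden(soa_line, queried_at, created_at):
    """Seconds a name created at created_at still resolves as NXDOMAIN
    for a client that cached the negative answer at queried_at."""
    expiry = queried_at + negative_ttl(soa_line)
    return max(0, expiry - created_at)
```
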