On 3.6.2015 10:58, Reindl Harald wrote:
>
> On 03.06.2015 at 09:14, Petr Spacek wrote:
>>> so with setup a dns cache on each and every machine you fuckup your network
>>> because you introduce the same negative TTL caching affecting OSX clients for
>>> years now
>>
>> Please let me clarify few things:
>>
>> 1) Negative caching is controlled by zone owner. If you are not happy that
>> OSX/Windows clients cache negative answers for zones your company use - no
>> problem, set SOA minimum field to 1 second and be done with that.
>
> bad idea when you maintain public nameservers for some hundred domains just

I agree that it is a very bad idea to ignore DNS caching. It was built-in on
purpose.

> because broken client software

I'm sorry for disappointing you. The behavior I describe is standard for last ~
20 years 1987 (RFCs 1034/1035/2308). If you don't agree with standard then you
cannot use DNS technology as standardized.

Here I'm not sure if other Fedora users would also welcome non-standard
behavior.

If you feel that the standard is broken then *please* continue with discussion
on IETF's dnsop mailing list:
https://www.ietf.org/mailman/listinfo/dnsop

Thank you for understanding.

Petr^2 Spacek

>> 2) Even if you have setup with site-wide caching resolvers, the responses from
>> internal zones are cached anyway because all resolvers are not authoritative
>> for all zones you care about (unless you are on a really small network).
>
> they are and that don't depend on the network size
>
>> I.e. if the caching is a problem you have the problem even nowadays.
>>
>> The positive caching is controlled by zone owner, too. If you are worried
>> about stale data on clients, go and lower TTL to 1 second.
>
> keep your cynicism for yourself
>
> lower a TTL to 1 second is pure stupidity and without broken client software
> not needed in a network with authoritative nameservers where zone data is also
> shared with *public nameservers*
>
>> Lowering TTL should work for all clients, no matter if they have local cache
>> or not, i.e. including Windows/OSX.
>
> lowering TTLs to fix stupid client defaults is not a fix
>
>> Hopefully this shows that problem is not *technically* caused by caching on
>> clients but by inappropriate TTL settings in zones. As a network
>> administrator, you have the power to fix that centrally, without a need to
>> touch every single client
>
> sorry, but that is complete nonsense

--
Petr Spacek @ Red Hat
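
The negative-caching rule both sides are arguing about (RFC 2308, section 5) can be shown with a short added example that is not part of the e-mail thread: a negative answer is cached for the smaller of the SOA record's own TTL and its MINIMUM field. The function names, the toy cache class and the two SOA records are constructed for illustration.

```python
# Added illustration; names and sample records are constructed, not from the thread.

def parse_soa(line):
    """Parse one single-line IN SOA record in dig/zone-file presentation format."""
    f = line.split()
    if len(f) != 11 or f[2].upper() != "IN" or f[3].upper() != "SOA":
        raise ValueError("not a single-line IN SOA record: %r" % line)
    keys = ("serial", "refresh", "retry", "expire", "minimum")
    soa = {"owner": f[0].lower(), "ttl": int(f[1]), "mname": f[4], "rname": f[5]}
    soa.update(zip(keys, (int(x) for x in f[6:11])))
    return soa


def negative_ttl(soa):
    """RFC 2308 section 5: negative answers are cached for min(SOA TTL, SOA MINIMUM)."""
    return min(soa["ttl"], soa["minimum"])


class NegativeCache:
    """Toy client-side negative cache keyed by (name, type); time is passed in."""

    def __init__(self):
        self._expiry = {}

    def store_nxdomain(self, name, rtype, soa, now):
        self._expiry[(name.lower(), rtype)] = now + negative_ttl(soa)

    def is_negative(self, name, rtype, now):
        key = (name.lower(), rtype)
        expiry = self._expiry.get(key)
        if expiry is None:
            return False
        if now >= expiry:
            del self._expiry[key]  # expired: the next lookup goes to the network
            return False
        return True


# Constructed SOA records as they would be stored in the zone.
SAMPLE_DEFAULT = "example.com. 86400 IN SOA ns1.example.com. hostmaster.example.com. 2015060301 7200 3600 1209600 3600"
SAMPLE_ONE_SEC = "corp.example. 300 IN SOA ns1.corp.example. hostmaster.corp.example. 2015060301 7200 3600 1209600 1"

if __name__ == "__main__":
    for text in (SAMPLE_DEFAULT, SAMPLE_ONE_SEC):
        soa = parse_soa(text)
        name = "new-host." + soa["owner"]
        cache = NegativeCache()
        cache.store_nxdomain(name, "A", soa, now=0)
        print(soa["owner"], "negative TTL:", negative_ttl(soa), "s;",
              "still hidden at t=60:", cache.is_negative(name, "A", 60))
```

With the first record a host added right after a failed lookup stays invisible to the caching client for up to an hour; with MINIMUM set to 1 the entry is gone after one second, at the cost of every repeated miss reaching the authoritative servers.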