
I have a query about the nginx resolver that I cannot get a clear answer for from the docs.

By default, nginx caches answers using the TTL value of a response. An optional valid parameter allows overriding it:

    resolver 127.0.0.1 [::1]:5353 valid=30s;

However, my concern is related to the handling of a temporary DNS resolution failure (NXDOMAIN or some timeout on DNS), assuming I do not set a specific valid=. In that case I will not have a TTL in an answer section. Does the nginx resolver cache that negative result, and if so, will setting valid= impact the "TTL" of that negative caching?

rtmie
I have identified the root cause of my issue and it is not related to negative DNS caching. To record this for anyone encountering it: my issue relates to the behaviour of the nginx built-in resolver whilst running in a Kubernetes cluster and using the cluster's Kubernetes service for CoreDNS as the resolver IP. – rtmie Sep 07 '22 at 15:25

1 Answer


I have identified the root cause of my issue and it is not related to negative DNS caching. To record this for anyone encountering it: my issue relates to the behaviour of the nginx built-in resolver whilst running in a Kubernetes cluster and using the cluster's Kubernetes service for CoreDNS as the resolver IP. What happens in this scenario is that nginx appears to maintain the first used CoreDNS service endpoint it got via the Kubernetes service for all resolutions. If that CoreDNS service endpoint goes away, then the resolver is broken until the pod is restarted and gets a new endpoint. In short, do not try to use the nginx resolver with the Kubernetes DNS service!

rtmie