0

I installed a classic bind9 DNS server inside a local network, working as a forwarding DNS server. Here is my config file (I just added my ISP DNS servers as forwarders):

    options {
        directory "/var/cache/bind";
        forwarders { 212.27.40.240; 212.27.40.241; };
        forward only;
        dnssec-validation auto;
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
    };

My point of interest is the "Query time" obtained when using dig.

I used dig @my_dns_ipadress www.google.com

I also added the time at which the query was sent:

06:04:47 --> ;; Query time: 157 msec (first query after bind was started)

06:09:24 --> ;; Query time: 1 msec

06:29:28 --> ;; Query time: 106 msec

06:39:39 --> ;; Query time: 1 msec

07:04:21 --> ;; Query time: 98 msec

My question is: why are the 3rd and 5th query times not around 1 msec? The cache does not seem to be used.

I also performed these tests while dumping outgoing UDP 53 packets toward my ISP DNS server, and I found that when the query time is above 1 or 2 msec, bind sent DNS requests to my ISP DNS server.

So how can I force bind to use its cache?

Matt

2 Answers

1

bind cannot cache a record for more time than the record's TTL (time to live). www.google.com has a TTL of 5 minutes, therefore the cached record will expire after that much time.

Dan
0

I managed to do it by using the unbound DNS server, setting the "cache-min-ttl" option to 604800 seconds (1 week). The cache is always used during one week; query time is between 1 and 3 ms.

Matt
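
A toy model of the trade-off between the two answers above, added here as an example and not code from BIND, unbound or the posters: a forwarding cache that honours the 300-second TTL next to one with a one-week floor like `cache-min-ttl: 604800`. The class names, addresses and query offsets are constructed; the floor removes upstream queries, but the resolver keeps serving the old address after the record has changed.

```python
# Added example: toy model of a forwarding resolver's cache (not BIND or unbound code).
ORIGIN_TTL = 300          # TTL the first answer cites for www.google.com
WEEK = 604800             # cache-min-ttl value from the unbound answer


class Upstream:
    """Constructed upstream: the A record changes at a fixed time."""

    def __init__(self, old, new, change_at):
        self.old, self.new, self.change_at = old, new, change_at

    def resolve(self, now):
        return (self.new if now >= self.change_at else self.old), ORIGIN_TTL


class ForwardingCache:
    def __init__(self, upstream, min_ttl=0):
        self.upstream, self.min_ttl = upstream, min_ttl
        self.entry = None             # (address, expires_at)
        self.upstream_queries = 0

    def lookup(self, now):
        """Return (address, served_from_cache) for a query at time `now` (seconds)."""
        if self.entry and now < self.entry[1]:
            return self.entry[0], True
        addr, ttl = self.upstream.resolve(now)
        self.upstream_queries += 1
        # A min-TTL floor keeps the record longer than the zone owner asked for.
        self.entry = (addr, now + max(ttl, self.min_ttl))
        return addr, False


def replay(min_ttl, times, change_at=600):
    # 192.0.2.10 / 198.51.100.20 are documentation addresses (constructed data).
    cache = ForwardingCache(Upstream("192.0.2.10", "198.51.100.20", change_at), min_ttl)
    return [cache.lookup(t) for t in times], cache.upstream_queries


if __name__ == "__main__":
    times = [0, 200, 400, 900, 86400]     # constructed query offsets in seconds
    for floor in (0, WEEK):
        answers, sent = replay(floor, times)
        print(f"min_ttl={floor}: upstream queries={sent}")
        for t, (addr, cached) in zip(times, answers):
            print(f"  t={t:>6}s  {addr:<14} {'cache' if cached else 'forwarded'}")
```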