[rbldnsd] TTLs and negative caching
Jon Lewis
jlewis at lewis.org
Tue Aug 3 15:51:56 MSD 2004
On Tue, 3 Aug 2004, Jeff Chan wrote:
> We run SURBL which has RBLs containing spam URI domains.
> They are used to block spam based on URI domains contained
> in message bodies.
>
> Currently some of our zone files have fairly long TTLs
> of several hours. This appears to be causing new entries
> to take several hours to become active.
>
> 1. Does that sound right? In other words, does TTL apply
> to negative caching or only to positive caching (or to both)?
> By observing the behavior of an rbldnsd installation, TTL
> does seem to affect negative caching.
>
> 2. Can we expect a lot more DNS traffic if we lower our
> TTLs to say 10 minutes?
Yes. Don't do that. Instead, set a small TTL via the SOA record (this
will be used as the negative cache TTL). You can set the positive answer
TTL separately via a -t command-line arg or $TTL special in datasets.
If you look at the NJABL servers, positive answers have a TTL of 21600,
but negatives have 900.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
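
An added example (not part of the original message or of rbldnsd itself) that models the effect discussed in this thread: a resolver that cached a "not listed" answer just before an entry was added keeps returning it until the negative TTL expires. The zone name `bl.example.org`, the SOA record and the query schedule are constructed; the negative TTL rule applied is the RFC 2308 one (the lower of the SOA record's own TTL and its MINIMUM field).

```python
# Added example: how the negative-cache TTL bounds the delay before a new
# DNSBL entry becomes visible. Zone name and records are constructed.

# Constructed dig-style SOA from the authority section of an NXDOMAIN reply.
# Fields after "SOA": mname rname serial refresh retry expire minimum.
SOA_LINE = ("bl.example.org. 900 IN SOA ns.example.org. admin.example.org. "
            "2004080301 3600 600 86400 900")


def negative_ttl(soa_line):
    """RFC 2308: a resolver caches NXDOMAIN for min(SOA TTL, SOA MINIMUM)."""
    fields = soa_line.split()
    if len(fields) != 11 or fields[3] != "SOA":
        raise ValueError("expected one complete SOA record")
    record_ttl, minimum = int(fields[1]), int(fields[10])
    return min(record_ttl, minimum)


def first_seen_listed(query_times, listed_at, neg_ttl):
    """Time at which a caching resolver first returns the new listing.

    query_times: ascending times (seconds) at which clients ask the resolver.
    listed_at:   time the entry appears on the authoritative server.
    Returns None if no query in the window reaches the authoritative server
    after the entry was added.
    """
    cached_until = None
    for t in query_times:
        if cached_until is not None and t < cached_until:
            continue                  # answered "not listed" from the cache
        if t >= listed_at:
            return t                  # cache miss after listing: positive hit
        cached_until = t + neg_ttl    # cache miss before listing: NXDOMAIN
    return None


if __name__ == "__main__":
    # A mail server checks the same domain once a minute for eight hours;
    # the domain is added to the list 100 seconds after the first check.
    checks = range(0, 8 * 3600, 60)
    for ttl in (21600, negative_ttl(SOA_LINE)):
        seen = first_seen_listed(checks, listed_at=100, neg_ttl=ttl)
        print(f"negative TTL {ttl:>5}s -> listing first seen at t={seen}s")
```

With a 21600-second negative TTL the listing is first seen six hours after the initial check; with 900 seconds it is seen after fifteen minutes, while positive answers can still carry the longer TTL.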