Firewall Wizards mailing list archives
Re: DNS cache
From: Martin <marty () supine com>
Date: Wed, 7 Aug 2002 11:44:58 +1000
$author = "Dave Piscitello" ;
I hope this is not too far off topic, but can anyone tell me what the current "best practice" is for how frequently one should flush a DNS cache, and if large enterprise practice differs much from: - local/regional ISP - mid-tier ISP - top-tier ISP
ummm... i might be mistaken but for all situations the only time you should need to manually flush a cache is when you are made are aware that you have been a victim of a cache poisoning attack... if your DNS server follows the RFCs then it should be aging the cached records and renewing the cache by querying for the record again when a client requests the same record (and dropping the record from the cache if no clients request it). the start of authority (SOA) part of a zone file stipulates a default ttl and each rr can specify a ttl which sets how long before your server expires the record from it's cache. some servers allow you to set a maximum ttl which will override overly long ones... read about ttl here http://www.jhsoft.com/help/df_ttl.htm cheers marty -- And true love waits In haunted attics And true love wins On lollipops and crisps "True Love Waits" - Radiohead _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw) Ousmane Wilane (Aug 04)
- RE: Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw) Paul D. Robertson (Aug 04)
- RE: Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw) Barry A. Warsaw (Aug 05)
- RE: Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw) Paul D. Robertson (Aug 05)
- RE: Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw) Barry A. Warsaw (Aug 05)
- RE: Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw) Barry A. Warsaw (Aug 05)
- Message not available
- DNS cache Dave Piscitello (Aug 06)
- Re: DNS cache Martin (Aug 06)
- DNS cache Dave Piscitello (Aug 06)
- RE: Sourceforge sending out passwords in the clear (forwarded message from Barry A. Warsaw) Paul D. Robertson (Aug 04)