Page MenuHomeVyOS Platform
Create Task
Maniphest T558

Configurable Negative TTL caching in forwarder
Closed, ResolvedPublicFEATURE REQUEST
Actions

Description

Currently we don't have a way to set this,
so in Active Directory environment, when you use VyOS as dns forwarder,
in case when VyOS resolves some fqdn to NXDOMAIN it will cache it for long time,
that makes troubles in certain situations.
We need to have this configurable

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close

Event Timeline

syncer created this task.Feb 21 2018, 10:51 AM
syncer moved this task from Need Triage to Backlog on the VyOS 1.2 Crux board.
syncer triaged this task as Normal priority.Feb 27 2018, 2:13 PM
c-po added a subscriber: c-po.May 21 2018, 7:38 AM

@syncer this seems to be the option, plese correct if wrong.

max-negative-ttl

Integer
Default: 3600
A query for which there is authoritatively no answer is cached to quickly deny a record's existence later on, without putting a heavy load on the remote server. In practice, caches can become saturated with hundreds of thousands of hosts which are tried only once. This setting, which defaults to 3600 seconds, puts a maximum on the amount of time negative entries are cached.

If that‘s rhe case adding is done in 10 minutes

syncer assigned this task to c-po.May 21 2018, 7:41 AM

Yes, that is correct option

c-po added a comment.EditedMay 21 2018, 9:32 AM

Commands will be:

cpo@LR1# set service dns forwarding
Possible completions:
   negative-ttl Maximum amount of time negative entries are cached

cpo@LR1# set service dns forwarding negative-ttl
Possible completions:
   0-7200       Seconds to cache NXDOMAIN entries

This adds the following snipped to recursor.conf if value set to 7200

# negative TTL for NXDOMAIN
max-negative-ttl=7200
c-po moved this task from Backlog to In Progress on the VyOS 1.2 Crux board.May 21 2018, 9:39 AM
c-po moved this task from In Progress to Finished on the VyOS 1.2 Crux board.May 21 2018, 9:50 AM
c-po edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.Aug 26 2018, 1:07 PM
c-po removed subscribers: c-po, syncer.
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc2); removed VyOS 1.2 Crux (VyOS 1.2.0-rc1).Oct 9 2018, 6:42 AM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc3); removed VyOS 1.2 Crux (VyOS 1.2.0-rc2).Oct 13 2018, 9:28 AM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc4); removed VyOS 1.2 Crux (VyOS 1.2.0-rc3).Oct 15 2018, 10:15 PM
c-po closed this task as Resolved.Oct 16 2018, 4:39 AM
syncer added a project: VyOS-1.2.0-GA.Oct 16 2018, 5:27 AM
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-rc4) board.
pasik added a subscriber: pasik.Oct 31 2018, 7:43 AM