Ulrich Drepper (udrepper) wrote,

nscd and DNS TTL

Recently some people spread their non-existent knowledge about nscd (Name Service Cache Daemon) by claiming it ignores the TTL (time-to-live) value a DNS server returns. As far as I know this rampant ignorance is especially widespread in the Ubuntu world. They claim that for this reason one has to run a local, caching DNS server. This is complete nonsense. nscd has handled TTL for a long time now (committed to the public CVS on 2004-9-15). All reasonable requests are handled, i.e., all getaddrinfo requests.

As I have pointed out many times before (here and here and in other places), it is completely unacceptable today to use gethostbyname etc. These functions simply don't work. Which is why I found it unnecessary to make the implementation of nscd more complicated and add more compatibility and maintenance problems just to fix one of the many problems these interfaces have. Just don't use them and convert all your programs (e.g., I think we've done just that for all of RHEL and Fedora nowadays). Also don't use

  getent hosts some.host


You have to use

  getent ahosts some.host


For all getaddrinfo lookups the TTL value from DNS replies takes precedence over the TTL value from /etc/nscd.conf. The latter is used for services which do not provide a TTL themselves (today all other services).