max-cache-size

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

max-cache-size

Jakob Dhondt
Hi everyone,

just a quick question about the max-cache-size option in bind. I
couldn't find any details online.

I was wondering if this option only includes DNS queries/responses
getting cached or anything else as well, e.g. RPZ zones being kept in
memory.

Cheers,

Jakob

--

SWITCH
Jakob Dhondt, Security Engineer, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 16 23
[hidden email], www.switch.ch
Security-News: securityblog.switch.ch


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: max-cache-size

Mukund Sivaraman-2
On Thu, Apr 18, 2019 at 04:02:27PM +0200, Jakob Dhondt wrote:
> Hi everyone,
>
> just a quick question about the max-cache-size option in bind. I
> couldn't find any details online.
>
>
> I was wondering if this option only includes DNS queries/responses
> getting cached or anything else as well, e.g. RPZ zones being kept in
> memory.

The max-cache-size setting is a guide to the in-memory cache database
code used by BIND to try to keep the size of its cache within a certain
limit.

RPZ zones are not part of the cache - they are ordinary individual
zones. On resolvers, there is additionally a per-view RPZ summary
datastructure that's built using the RPZ zones' contents, which provides
a way to match a query against RPZ triggers optimally. None of this is
affected by the max-cache-size setting.

                Mukund
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: max-cache-size

Tony Finch
In reply to this post by Jakob Dhondt
Jakob Dhondt <[hidden email]> wrote:
>
> I was wondering if this option only includes DNS queries/responses
> getting cached or anything else as well, e.g. RPZ zones being kept in
> memory.

RPZ counts as authoritative data, so I believe it isn't included in the
cache size.

Tony.
--
f.anthony.n.finch  <[hidden email]>  http://dotat.at/
South Utsire, Forties: Southeasterly 4 or 5. Slight or moderate. Fair. Good.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: max-cache-size

Jakob Dhondt
ok, thanks everyone!

Cheers, Jakob

On 18.04.19 16:13, Tony Finch wrote:
> Jakob Dhondt <[hidden email]> wrote:
>> I was wondering if this option only includes DNS queries/responses
>> getting cached or anything else as well, e.g. RPZ zones being kept in
>> memory.
> RPZ counts as authoritative data, so I believe it isn't included in the
> cache size.
>
> Tony.

--

SWITCH
Jakob Dhondt, Security Engineer, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 16 23
[hidden email], www.switch.ch
Security-News: securityblog.switch.ch

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users