Force dig to forget records

cachedigdns

I would like to let dig always forget a DNS record.
I mean if I do dig yahoo.com then I have a record back in with ttl for 1790 seconds.
Even if I have no cache service installed, next time i do the same command, the ttl have lowered.
Some how, dig do remember the answer. Is it possible to clear that, so I always get a fresh answer back?

Best Answer

dig doesn’t remember queries. But it makes use of name servers listed in /etc/resolv.conf, unless the server to be queried is specified explicitly. Such servers normally accept recursive queries and have caches for their results. So dig can receive records cached by (intermediate) servers.

Use
dig +trace …
to override this behaviour, forcing it to query an authoritative server. See dig(1) for more information.

Related Solutions

Linux – How to improve nscd’s cache hit rate

What part of your webserver is even doing DNS lookups? Most webserver configurations explicitly disable reverse DNS lookup of each incoming user, for speed (because DNS is slow in general).

As Patrick notes, nscd is doing the right thing and respecting the positive TTL values. Yes, you could override it (unbound would let you do this easily, just modify server.cache-min-ttl, has warnings about increasing it beyond 1 hour for the same reasons). HOWEVER, your queries are probably mostly rDNS, which will tend to have longer TTLs in general.

Additionally, since your maximum number of cached values is so low, I'd like to note that you're hardly getting any traffic.

If you do care about where you users repeat from that often, I'd suggest logging it outside nscd, and not worrying about it anymore.

Edit (2013/12//09): nscd -g hosts stats from dev.gentoo.org (no blocks in comments):

nscd configuration:
 4h  8m 43s  server runtime
hosts cache:
        yes  cache is enabled
         no  cache is persistent
         no  cache is shared
        422  suggested size
    1108744  total data pool size
     966632  used data pool size
        600  seconds time to live for positive entries
         20  seconds time to live for negative entries
      67878  cache hits on positive entries
       2479  cache hits on negative entries
       9464  cache misses on positive entries
       4276  cache misses on negative entries
         83% cache hit rate
       6951  current number of cached values
       7641  maximum number of cached values
         33  maximum chain length searched
          1  number of delays on rdlock
          0  number of delays on wrlock
          0  memory allocations failed
        yes  check /etc/hosts for changes

How to understand TTL values in dig command output

No; not all the way from the .com domain (actually I think you meant from the root domain?).

The NS records for stackoverflow.com have a TTL of 172800, so those are cached a lot longer than the 300 seconds of the www.stackoverflow.com CNAME record and the stackoverflow.com A record. So after those CNAME and A records have expired, the NS records will probably still be cached and hence those nameservers can be questioned about www.stackoverflow.com (and then stackoverflow.com).

BTW I wouldn't have given both www.stackoverflow.com and stackoverflow.com a TTL of just 300, that means twice as many DNS requests without any immediately evident advantage IMHO.

Best Answer

Related Solutions

Linux – How to improve nscd’s cache hit rate

How to understand TTL values in dig command output

Related Question