Koozali.org: home of the SME Server

dnscache - version too old or misconfigured?

perler

« on: January 28, 2005, 10:41:49 AM »
SME 6.01-01

hi,

again and again i see my windows workstation connected to the net by an SME server looking up DNS entries it looked up just some hours ago. i did some investigations and found here http://cr.yp.to/djbdns/dnscache.html this information regarding how client requests are answered:

Quote
If $HIDETTL is set, dnscache always uses a TTL of 0 in its responses. In versions before 1.03, dnscache always uses a TTL of 0 in its responses.


$HIDETTL is not set on my system (i suppose it is set when i have a file /service/dnscache/env/HIDETTL) so i suspect we use a dnscache version < 1.03. true?

PAT

hanscees
« Reply #1 on: January 28, 2005, 09:27:07 PM »
I find your question confusing.

Are you saying that:

The sme server is asking dns queries it has cached sooner than the TTL is expired?

Or are you seeing that your workstations are asking dns queries again and again.

For the second question: sure they do.
For the first: well, if the cache is full it will ditch things of course and thus ask them again.

Or do you have another analysis for us?

Hans-Cees
nl.linkedin.com/in/hanscees/

perler

« Reply #2 on: January 28, 2005, 10:38:23 PM »
ok, let me explain:

xp is asking SME for an IP.
SME gives the IP together with a TTL.
XP will cache the IP as long as the TTL (try "ipconfig /displaydns")
now, if SME is giving a TTL of 0 (as suggested in the dnscache docs i quote) XP will ask SME for the IP again and again instead of only after the TTL ends.

maybe it's just a problem of speed. whenever i see the "looking up /url/" in my opera status line it takes a second or so until the answer arrives from SME which seems to me a rather long time (compared with systems with a hardware router/firewall i know)

meanwhile i compiled djbdns 1.05 - maybe it gets better..

it could be a problem of my XP system, i will check this too..

PAT

hanscees
« Reply #3 on: January 28, 2005, 11:41:59 PM »
Quote from: "perler"
ok, let me explain:

xp is asking SME for an IP.
SME gives the IP together with a TTL.
XP will cache the IP as long as the TTL (try "ipconfig /displaydns")
now, if SME is giving a TTL of 0 (as suggested in the dnscache docs i quote) XP will ask SME for the IP again and again instead of only after the TTL ends.



PAT


Your xp has a dns server then? Is it a server? Normal queries are done by programs? They can cache some dns. But every new program will have its own cache.

So it is logical that you see more queries: they come from different processes. Or is it the case that your queries coming from one program come over and over again?

If I tcpdump a query from the "ping" program there is no ttl value whatsoever in the answer.


hc
nl.linkedin.com/in/hanscees/

perler

« Reply #4 on: January 28, 2005, 11:51:08 PM »
Quote from: "hanscees"
Quote from: "perler"
ok, let me explain:

xp is asking SME for an IP.
SME gives the IP together with a TTL.
XP will cache the IP as long as the TTL (try "ipconfig /displaydns")
now, if SME is giving a TTL of 0 (as suggested in the dnscache docs i quote) XP will ask SME for the IP again and again instead of only after the TTL ends.



PAT


Your xp has a dns server then? Is it a server? Normal queries are done by programs? They can cache some dns. But every new program will have its own cache.

wrong.

http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/prjj_ipa_vitx.asp

Quote

So it is logical that you see more queries: they come from different processes. Or is it the case that your queries coming from one program come over and over again?

no, they come from the same program again and again (the web browser). for example, just some minutes ago i wrote my last response in this thread. some seconds ago i got notified by mail, that you answered, i go to contribs.org and again, opera is looking up contribs.org. windows should have cached the IP.

PAT

hanscees
« Reply #5 on: January 29, 2005, 10:55:35 PM »
Hi,

I tcpdumped some more. My sme 601 gives answers with all kinds of ttl's. Thus not always ttl's of 0.

You were right that the dns answers have ttl's in them. Although my windows 2000 dns stack is different, I presume the dns answers from dnscache will be the same.

You can check the ttl's yourself by using ethereal to dump the dns traffic.

You can do this on your windows box, but you can also make the dumps on your sme server and then look at them on your windows box.

Might you need help how to do that just ask.

Hans-Cees
nl.linkedin.com/in/hanscees/
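
Added example, not part of the original thread: a parser that reads the answer TTLs out of a raw DNS response (the UDP payload taken from a capture) and reports whether every record carries TTL 0, which is what the thread is trying to determine. The function names and the sample response for example.com are constructed for illustration.

```python
import struct

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # compression pointer: two bytes, ends the name
            return off + 2
        if length == 0:             # root label ends the name
            return off + 1
        off += 1 + length

def answer_ttls(msg):
    """Return [(rtype, ttl), ...] for the answer section of a DNS response."""
    try:
        _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
        if not flags & 0x8000:
            raise ValueError("not a response (QR bit clear)")
        off = 12
        for _ in range(qd):
            off = skip_name(msg, off) + 4        # skip QTYPE and QCLASS
        out = []
        for _ in range(an):
            off = skip_name(msg, off)
            rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10 + rdlen
            if off > len(msg):
                raise ValueError("RDATA runs past end of message")
            out.append((rtype, ttl))
        return out
    except (IndexError, struct.error):
        raise ValueError("truncated DNS message") from None

def hides_ttl(msg):
    """True when every answer record carries TTL 0 (the $HIDETTL behaviour)."""
    records = answer_ttls(msg)
    return bool(records) and all(ttl == 0 for _, ttl in records)

def build_response(ttl):
    """Constructed sample: one A record for example.com with the given TTL."""
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes([192, 0, 2, 1])
    return header + question + answer

if __name__ == "__main__":
    for ttl in (0, 3600):
        print(ttl, answer_ttls(build_response(ttl)), hides_ttl(build_response(ttl)))
```
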

CharlieBrady
« Reply #6 on: January 30, 2005, 04:18:47 PM »
Quote from: "perler"
SME 6.01-01
...
$HIDETTL is not set on my system (i suppose it is set when i have a file /service/dnscache/env/HIDETTL) so i suspect we use a dnscache version < 1.03. true?


I don't know about 6.01, but Mitel's 6.0 (on which 6.01 was based) has djbdns-1.05. So I guess "false" is the correct answer.