Red Hat name caching

Got a question about Linux name caching today. Some servers are requesting the same hostname to the DNS server every 2 seconds...
Looked into it and the name caching daemon is not running. Got all the answers I needed here: alt.os.linux.redhat: Re: DNS cache on a RH9 system?. Also found a separate package called dnscache. And a HOWTO for bind to create a local DNS cache on your workstation or server. Simply starting nscd and editing nscd.conf seems sufficient for me now.

BTW, here is my updated /etc/nscd.conf. If anyone has more pointers, please comment.

logfile /var/log/nscd.log
# use 1-10 for more verbose debugging into log
debug-level 0
# 3 minimum, 5 default
filethreads 5
# 32 is default
max-threads 32
# restart intervals may fail if non-root
server-user nscd
# user granted to check nscd stats using 'nscd -g'
stat-user nagios
# 5 is default
reload-count 5
# restart periodically
paranoia yes
# restart every 4 hrs, default is 1 hour
#restart-interval 14400

enable-cache passwd no
enable-cache group no

enable-cache hosts yes
# default in sec; prune hits after this long
positive-time-to-live hosts 3600
# default in sec; prune misses after this long
negative-time-to-live hosts 20
# entries in hash table, default 211, must be prime!
suggested-size hosts 211
check-files hosts yes
persistent hosts yes
shared hosts yes
# 16 MiB in bytes
#max-db-size hosts 16777216

Update: one more important thing, the suggested-size is the size of the hash table. Hashing works well if your table is sparsely populated. I.e. your table should be larger than the actual number of entries it will have. So if you're caching 20 web server on the intranet, the default is fine. If you are caching 3000 IMAP userids and password (see this example), it needs to be a large prime number about 5-10 larger than the 3000 userids.


Popular posts from this blog

Tuning the nscd name cache daemon

Preventing PuTTY timeouts

Debugging sudo and sudoers