CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	cy <cy@FreeBSD.org>
	Sat, 20 May 2017 16:58:48 +0000 (16:58 +0000)
committer	cy <cy@FreeBSD.org>
	Sat, 20 May 2017 16:58:48 +0000 (16:58 +0000)
commit	cb153abed084c392ccafc243c2a2c44b9d91b57f
tree	93f4308477ec739a833cb7534cc196284b0101d4	tree \| snapshot
parent	e565cfb40dee4abf2f9fd033f9a1a5fee51f10e9	commit \| diff

Fix non-recoverable name resolution failures due to negative cache
entries never expiring. This patch honours the negative cache timeout.

To test/experience the failure do the following:

1. Edit /etc/ncd.conf to adjust the cache timeouts as follows:

positive-time-to-live hosts 30
negative-time-to-live hosts 1

2. Ensure that nsswitch.conf hosts line contains something like:

hosts: files cache dns

Note that cache must be specified before dns.

3. Start nscd.

4. Run the following command:

while true; do nc -z -w 3 www.google.com 80; sleep 5; done

5. While running the command, remove or comment out all nameserver
   statements in /etc/resolv.conf. After a short while you will notice
   non-recoverable name rsolution failures.

6. Uncomment or replace all nameserver statements back into
   /etc/resolv.conf. Take note that name resolution never recovers.
   To recover nscd must be restarted. This patch fixes this.

PR: 207804
Submitted by: Jov <amutu@amutu.com>
MFC after: 1 week