Problem Statement
I have a bind caching and forwarding server that is functioning almost as expected. All queries are forwarded, their TTL is cached. At first blush, everything appeared normal until I was watching the response time never fall below the 150ms of my VPN.
Upon performing tcpdump, I found that even though bind was well aware of the TTL being geater than 0 (TTL of 14000 in this case), the resolver was still forwarding every request. The TTL of the response still decrements as expected, but every single request is still forwarded upstream regardless of the TTL remaining in the cached record.
If I disable forwarding, this behavior ceases and cache works as expected.
Version
Bind 9.9.4-29 (Redhat forked)
OS: CentOS 7
Relevant Parts of the Configuration
allow-query { local; };
recursion yes;
allow-recursion { local; };
max-cache-size unlimited;
stacksize unlimited;
datasize unlimited;
zone "." IN {
type forward;
forward first;
forwarders { 192.168.120.3; 192.168.120.2; };
};
I have tried both forward first; and forward only; This resolver has almost no load on it and several GB of memory available. At any given time, it never has more than a few hundred records cached.
Is it likely that I have the wrong expectation of behavior in bind? Using Unbound I did not see this behavior, but I would like to switch back to bind for other reasons.
Best Answer
Solved
Problem existed between keyboard and chair.
What went wrong
In my troubleshooting, I was switching my /etc/resolv.conf back and forth between local and upstream resolvers.
Root cause
Only one cup of coffee present. I thought I had switched back to the local resolver and I had not. Apologies, false alarm.