I recently set up Unbound for DNS caching, along with DNScrypt on Linux Mint 18.1. It works, but I noticed the pages are cached only for short time:
- First query to google.com – 48ms (domain not cached)
- Second query to google.com (immediately after that) – 0ms (domain cached)
- Third query to google.com (after ~ minute) – 46ms (domain not cached)
Is this intended behavior, or do I need to set something different to cache pages for longer time? Here is my Unbound config (/etc/unbound/unbound.conf):
#
Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.age
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include: "/etc/unbound/unbound.conf.d/*.conf"
server:
verbosity: 1
num-threads: 4
outgoing-range: 8192
so-rcvbuf: 4m
so-sndbuf: 4m
so-reuseport: yes
msg-cache-size: 50m
msg-cache-slabs: 16
num-queries-per-thread: 4096
rrset-cache-size: 100m
rrset-cache-slabs: 16
infra-cache-slabs: 16
do-ip4: yes
do-ip6: no
do-udp: yes
do-tcp: yes
do-daemonize: yes
hide-identity: yes
hide-version: yes
harden-short-bufsize: yes
harden-large-queries: yes
harden-glue: yes
harden-dnssec-stripped: yes
harden-below-nxdomain: yes
harden-referral-path: yes
logfile: "/etc/unbound/unbound.log"
use-caps-for-id: yes
do-not-query-localhost: no
prefetch: no
forward-zone:
name: "."
forward-addr: 127.0.0.1@40
Best Answer
Unbound will (or at least should) be caching the result for the time specified in the TTL for the record you are requesting.
This is exactly what I observe on a system I have to hand that is running unbound. The initial request takes 14ms, subsequent requests take 0ms and when the TTL expires the next request takes 14ms.
Initial request which shows a 300 second TTL and takes 18ms
Subsequent requests - TTL is counting down and takes 0ms
TTL expired so another upstream request is made 23ms