Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp3546607ybk; Tue, 19 May 2020 07:18:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxWAi9QXv7T9CbDH+JGQxmHOZdo4xeKfMENL2tACUQQZ8uE2GsEuAt/kBTtgovI9DFSwxuN X-Received: by 2002:aa7:d2d0:: with SMTP id k16mr15903460edr.272.1589897922920; Tue, 19 May 2020 07:18:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589897922; cv=none; d=google.com; s=arc-20160816; b=xKPX1OfvO1SeJFF7a+kQ7VdY8kiA9BNYGhaqVvBWJMlVxjrjfGLx5TqP7et74XKoeR wEPXy8Jx7eix7UZf26lnfJUYMkJpmyiOQrqGu7g+qteTUopXON2CiTnKXZIE7bHlshMz yhnWF2mTxlcIUL6lYvHUGxEQc8T9OQ9tCWc+GFFj9UY9PGlVFLzISHuUvIPj4bU0w5Xl 0A/xh5zqyh8oFVXVfeMm/gkByU7Fwu4VVDjc4p5gNSbMqAqIRViTjQ97mhST1L8WJ2Hv BR79if4AekycuGbe4BU9qCHm3/wGd7tUig2aTtD3Ahktl1KjFA/63NybIf2x86T1fqpt SF6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:message-id :in-reply-to:date:references:subject:cc:to:from:dkim-signature; bh=FNB/aoMyF4TGVvRymSR3/vRA73Z6PL62rY+8MIyJp3Y=; b=UHw4eVRh43iSgqSAp7gEbfXGCNKF58+d8yJCzZjw9eTX8BU6ar+k476p5WBTVrulkF JXf4b8dmWsdVLOjQ6if1MPoZ43TBl61EEpPuYnX5H0dPbvRaE8kdNbuAxoLy/OQwLgQ5 Px8aPcK9xrhNXePPQzitDBKRxtHN1Ql1fOt14sreLpCyuygbc0X6LvwP/OIKN07YrcfF vqKaXL34At6orINAXIgkVGEWXQTXHCPEwkbeTnye/K5qKgk8wXBIccIMOf8HYRRTvoCU 2nAF1G1H/02anrowjZrJzyRaEmwkjaq673hjrkY2yiz0elMXPo6hhRP2thbC+mpQrGJA Uikw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=TfagJx6m; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i2si7896375ejg.45.2020.05.19.07.18.18; Tue, 19 May 2020 07:18:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=TfagJx6m; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729167AbgESOSF (ORCPT + 99 others); Tue, 19 May 2020 10:18:05 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:54918 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729092AbgESOSE (ORCPT ); Tue, 19 May 2020 10:18:04 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589897884; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=FNB/aoMyF4TGVvRymSR3/vRA73Z6PL62rY+8MIyJp3Y=; b=TfagJx6mo95w5pyteohNt4KRUMnS2+LIFcNqIiK2eisYXV1KdY/K/4YNJLmIHof6Jjxv+O bfMxYVHnaSxfcFwcgkYdAo7F18RinUiGS0GKtNxwzP6FYAnBIf99f3TAJLC8aC12KRPJOm bQorUInhd0BqbUdHl/mNS+JUuBI3Va0= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-17-159IX1CAOkG4oJ0ZYsciJw-1; Tue, 19 May 2020 10:18:00 -0400 X-MC-Unique: 159IX1CAOkG4oJ0ZYsciJw-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D10E939342; Tue, 19 May 2020 14:17:58 +0000 (UTC) Received: from oldenburg2.str.redhat.com (ovpn-113-18.ams2.redhat.com [10.36.113.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C3C85707DF; Tue, 19 May 2020 14:17:56 +0000 (UTC) From: Florian Weimer To: David Howells Cc: linux-nfs@vger.kernel.org, linux-cifs@vger.kernel.org, linux-afs@lists.infradead.org, ceph-devel@vger.kernel.org, keyrings@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] dns: Apply a default TTL to records obtained from getaddrinfo() References: <158981176590.872823.11683683537698750702.stgit@warthog.procyon.org.uk> Date: Tue, 19 May 2020 16:17:55 +0200 In-Reply-To: <158981176590.872823.11683683537698750702.stgit@warthog.procyon.org.uk> (David Howells's message of "Mon, 18 May 2020 15:22:45 +0100") Message-ID: <87blmkgga4.fsf@oldenburg2.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org * David Howells: > Fix this to apply a default TTL of 10mins in the event that we haven't got > one. This can be configured in /etc/keyutils/key.dns_resolver.conf by > adding the line: > > default_ttl: > > to the file. If the name resolution is not needed continuously, but only for the connection attempt, I suggest to use a much shorter TTL, like five seconds or so. I'm worried that if the implied TTL is too long, some system administrators will have to figure out how to invalidate the DNS cache. Thanks, Florian