All posts tagged DNS

Name Server Cache Daemon (NSCD) is sometimes a little hard to tell is it working or not?  The only syntax available to the tool is the ability to view statistics which kind of helps but it doesn’t show what is actually in the cache which I think would be a nice feature to add..  Here’s a sample ‘hosts cache’ on one of our servers…

hosts cache:

yes cache is enabled
yes cache is persistent
yes cache is shared
211 suggested size
216064 total data pool size
11952 used data pool size
3600 seconds time to live for positive entries
20 seconds time to live for negative entries
288645 cache hits on positive entries
0 cache hits on negative entries
75914 cache misses on positive entries
229 cache misses on negative entries
79% cache hit rate
86 current number of cached values
224 maximum number of cached values
10 maximum chain length searched
0 number of delays on rdlock
0 number of delays on wrlock
0 memory allocations failed
yes check /etc/hosts for changes

The good thing about nscd is that most of the time, just installing the RPM should work for most people, there really isn’t any need to modify anything in the configuration in order to get it to work…the only issue is trying to figure out really what it’s doing as far as the DNS caching and looking at just the nscd -g stats doesn’t always show the full picture.

Trying to use DNS tools like host, dig, or nslookup will not benefit from using nscd as they will completely bypass this and attempt to hit DNS and will only look at your /etc/nsswitch config. And I do not believe there is any way to tell your using NSCD by just using those tools..  Here’s how you can see what’s in the caches /var/db/nscd you will find 5 files for each of the 5 default caches that are normally setup.

To find the values of any of these just use strings command on them..

strings hosts  or strings passwd

Now this doesn’t 100% add up to the full picture as it almost for me adds more questions , as if you try to clear the cache using nscd -i passwd, I would think that would clear this db file.. but it doesn’t , all the contents are still there but at least does help show what it is doing in the background a little more than just viewing the stats


DnscacheDnscache is a local DNS cache that accepts recursive DNS queries from local clients and collects responses from other DNS servers.
TinyDNSTinyDNS is responsible for making DNS information available to the Internet. TinyDNS handles load balancing and client differentiation, or directing clients to specific servers.
WalldnsWalldns hides local host information from requested reverse and forward records.
RbldnsRbldns is an IP address-listing DNS service. It can be used to publish a list of IP addresses that provide a specific service.
DnsfilterDnsfilter is an IP-address-to-hostname conversion utility.
dnsip, dnsipq, dnsname, dnstxt, dnsmxThese are command line tools used to manage the DNS services.
dnsq, dnsqr, dnstraceThese are DNS debugging utilities.

I tested this in my TinyDNS setup and worked great.

# verbose tinydns data file

# (reverse) dns servers: primary and secondary

# NS records

# MX handlers

# SOA record: primary nameserver is ns.example.net and hostmaster
# mail address is hostmaster@example.net
# (the ‘Z’ configuration line is the only one that
# allows specifying the hostmaster mail address)

# NS records: primary and secondary nameservers

# MX records: relay.example.net, distance = 10
# relay2.example.net, distance = 20

# A records: ns.example.net, ns2.example.net

# PTR records: relays are in the same hosts as dns servers

# more A records: gateway.example.net

# CNAME record: nscache.example.net is alias to gateway.example.net


# NS record

# A/PTR record for nameserver