Domain Name Service (DNS) caching
If needed, two global configuration properties can be used to control the caching of host name-to-numeric IP address (DNS lookup) results returned from the name resolution services of the underlying operating system. Use the dsconfig tool to configure these properties.
- network-address-cache-ttl
  Sets the Java system property networkaddress.cache.ttl, and controls the length of time in seconds that a host name-to-IP address mapping can be cached. The default behavior is to keep resolution results for one hour (3600 seconds). This setting applies to the server and all extensions loaded by the server.
- network-address-outage-cache-enabled
  Caches host name-to-IP address results in the event of a DNS outage. This is set to true by default, meaning name resolution results are cached. Unexpected service interruptions may occur during planned or unplanned maintenance, network outages or an infrastructure attack. This cache may allow the server to function during a DNS outage with minimal impact. This cache is not available to server extensions.
To reduce delays due to unnecessary DNS lookups, follow these recommendations:
- Maintain a connection pool in the client app rather than opening new connections for each bind.
- Add appropriate records to DNS, including PTR records.
- Add options timeout:1 and/or options single-request in /etc/resolv.conf.
- If IPv6 requests specifically are causing issues, add -Djava.net.preferIPv4Stack=true to the start-server.java-args line in PingDirectory's config/java.properties so that running bin/dsjavaproperties and restarting the server will no longer issue IPv6 PTR requests.
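
A read-only check for the two file-based recommendations above, as an added example that is not part of the product documentation. The function names and the script name are hypothetical; the option names, the flag and the file paths are the ones given in the list.

```shell
#!/bin/sh
# Added example: read-only checks for the file-based recommendations above.

# resolv_has_option FILE OPTION
# Succeeds if an uncommented "options" line in FILE lists OPTION.
resolv_has_option() {
    awk -v want="$2" '
        $1 == "options" { for (i = 2; i <= NF; i++) if ($i == want) found = 1 }
        END { exit !found }
    ' "$1"
}

# java_args_has_flag FILE FLAG
# Succeeds if the uncommented start-server.java-args line in FILE has FLAG.
java_args_has_flag() {
    awk -v want="$2" '
        index($0, "start-server.java-args") == 1 {
            sub(/^[^=]*=/, "")
            n = split($0, arg, /[ \t]+/)
            for (i = 1; i <= n; i++) if (arg[i] == want) found = 1
        }
        END { exit !found }
    ' "$1"
}

# dns_lookup_report RESOLV_CONF JAVA_PROPERTIES
# Prints the state of each setting; always returns 0 because the list
# presents these as tuning recommendations, not required values.
dns_lookup_report() {
    for opt in timeout:1 single-request; do
        if resolv_has_option "$1" "$opt"; then state="set"; else state="not set"; fi
        echo "resolv.conf options $opt: $state"
    done
    flag="-Djava.net.preferIPv4Stack=true"
    if java_args_has_flag "$2" "$flag"; then state="set"; else state="not set"; fi
    echo "start-server.java-args $flag: $state"
}

# Run only when both paths are given, for example:
#   sh dns_check.sh /etc/resolv.conf config/java.properties
if [ "$#" -eq 2 ]; then
    dns_lookup_report "$1" "$2"
fi
```

A flag reported as set in config/java.properties only takes effect after bin/dsjavaproperties has been run and the server restarted, as the last recommendation states.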