Cisco Bug: CSCzv20814 - Need an override for DNS Negative cache time TTL
Feb 14, 2019
- Cisco Web Security Appliance
Known Affected Releases
10.1.1-230 10.1.1-235 10.5.1-296
Symptom:
1) The WSA sends a DNS request for domainX.com.
2) The DNS server being queried (forwarder) is having issues at the moment, and the WSA receives a negative cache entry with a TTL of 24 hours.
3) 10 minutes later the DNS server is able to resolve domainX.com with no problems. However, since the WSA still has the entry cached for the next 24 hours, the site will remain inaccessible until the cache expires.

This is a feature request to add a configurable value that overrides the negative DNS TTL with a chosen value.

Conditions: If the WSA receives a negative DNS response, it will store it in its cache for 24 hours, even if the website becomes resolvable.
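
The timeline in the symptom, replayed against a small caching resolver with and without a cap on negative TTLs. This is an added example, not Cisco code or part of the bug record; the class and function names, the 300-second cap, and the address 192.0.2.10 are assumptions constructed for illustration.

```python
# Added illustration; not Cisco WSA code. All names and values are constructed.
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class Answer:
    address: Optional[str]  # None models a negative DNS response
    ttl: int                # seconds, as supplied by the forwarder


class CachingResolver:
    def __init__(self, upstream, clock, negative_ttl_cap: Optional[int] = None):
        self.upstream = upstream                  # callable: name -> Answer
        self.clock = clock                        # callable: () -> seconds
        self.negative_ttl_cap = negative_ttl_cap  # None = trust the received TTL
        self.cache: Dict[str, Tuple[Optional[str], int]] = {}

    def resolve(self, name: str) -> Optional[str]:
        now = self.clock()
        hit = self.cache.get(name)
        if hit is not None and now < hit[1]:
            return hit[0]  # served from cache, negative entries included
        answer = self.upstream(name)
        ttl = answer.ttl
        if answer.address is None and self.negative_ttl_cap is not None:
            ttl = min(ttl, self.negative_ttl_cap)  # the requested override
        self.cache[name] = (answer.address, now + ttl)
        return answer.address


def replay_symptom(negative_ttl_cap: Optional[int]) -> Dict[int, Optional[str]]:
    """Replay the bug's timeline; keys are seconds since the first lookup."""
    now = [0]

    def forwarder(name: str) -> Answer:
        if now[0] < 600:                   # forwarder is failing at first
            return Answer(None, 86400)     # negative answer, 24-hour TTL
        return Answer("192.0.2.10", 300)   # recovered after 10 minutes

    resolver = CachingResolver(forwarder, lambda: now[0], negative_ttl_cap)
    seen = {}
    for t in (0, 600, 3600, 86400):
        now[0] = t
        seen[t] = resolver.resolve("domainX.com")
    return seen

if __name__ == "__main__":
    print(replay_symptom(None), replay_symptom(300), sep="\n")
```

Without a cap the name stays unresolved until the 24-hour entry expires; with the cap the first lookup after the forwarder recovers succeeds.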