Cisco Bug: CSCzv20814 - Need an override for DNS Negative cache time TTL

Last Modified

Feb 14, 2019

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

10.1.1-230 10.1.1-235 10.5.1-296

Description (partial)

Symptom:
1) The WSA sends a DNS request for domainX.com.
2) The DNS server being queried (a forwarder) is having issues at that moment, and the WSA receives a negative cache entry with a TTL of 24 hours.
3) 10 minutes later the DNS server is able to resolve domainX.com with no problems. However, since the WSA still has the entry cached for the next 24 hours, the site will remain inaccessible until the cache entry expires.

This is a feature request to add a configurable value that overrides the negative DNS TTL with a chosen value.

Conditions:
If the WSA receives a negative DNS response, it will store it in its cache for 24 hours, even if the website becomes resolvable.
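The timeline above, replayed against a small negative cache with and without a TTL cap. This is an added example, not Cisco code and not how the WSA is implemented; `NegativeCache`, `max_negative_ttl`, `negative_ttl` and `replay` are hypothetical names, and the 300-second cap and the SOA values are constructed sample inputs.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional

DAY = 24 * 60 * 60  # the 24-hour negative TTL from the scenario, in seconds


def negative_ttl(soa_ttl: int, soa_minimum: int, cap: Optional[int] = None) -> int:
    """RFC 2308: negative TTL = min(SOA record TTL, SOA MINIMUM), then the local cap."""
    ttl = min(soa_ttl, soa_minimum)
    return ttl if cap is None else min(ttl, cap)


@dataclass
class NegativeCache:
    # Hypothetical override knob; None means "trust whatever upstream sent".
    max_negative_ttl: Optional[int] = None
    _expiry: Dict[str, float] = field(default_factory=dict)

    def store(self, name: str, soa_ttl: int, soa_minimum: int, now: float) -> None:
        ttl = negative_ttl(soa_ttl, soa_minimum, self.max_negative_ttl)
        self._expiry[name.lower()] = now + ttl

    def is_negative(self, name: str, now: float) -> bool:
        """True while the cached negative answer still blocks a fresh upstream query."""
        key = name.lower()
        expiry = self._expiry.get(key)
        if expiry is None:
            return False
        if now >= expiry:          # expired: drop it so the next lookup goes upstream
            del self._expiry[key]
            return False
        return True


def replay(cap: Optional[int]) -> Dict[int, bool]:
    """Negative answer arrives at t=0; report cache state at 1, 10 and 60 minutes."""
    cache = NegativeCache(max_negative_ttl=cap)
    cache.store("domainX.com", soa_ttl=DAY, soa_minimum=DAY, now=0)
    return {m: cache.is_negative("domainX.com", now=m * 60) for m in (1, 10, 60)}


if __name__ == "__main__":
    print("no cap   :", replay(None))   # still negative at 10 minutes
    print("cap 300 s:", replay(300))    # re-queried upstream by 10 minutes
```

A lower cap shortens the outage window after an upstream failure at the cost of more repeated queries for names that genuinely do not exist.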