dropdown menu

NETWORK - NETCD

NETCD (Network Caching Daemon):

AIX v6.1 introduced the network caching daemon (netcd), which can be configured to cache answers from DNS, NIS, etc. to improve performance and also reduce network traffic.

Applications requiring name resolution place a request to the resolver to do the translation. The resolver does this translation by looking up on the local machine (for example, /etc/hosts) or on a remote machine that provides a name resolution service (for example, DNS or NIS). Netcd daemon can be used to cache the resolver lookups.

The netcd daemon will maintain two types of caches:

-Local resources, such as /etc/hosts:
Local resources are loaded into local caches at the startup of the netcddaemon. Local caches contain all entries. The netcddaemon will periodically check if the local resources have changed and if necessary reload them.

-Network resources, such as DNS:
In contrast to local caches, the network caches are created with empty entries during the daemon startup. The netcddaemon will fill up the cache with the result of each query at runtime. Negative answers from the resource are cached as well. For DNS queries, the TTL (time to live) value returned by the DNS server is used with the default settings. The netcddaemon will check periodically for expired entries and remove them.

---------------------------------

Configuration of netcd:

The netcddaemon is delivered as part of the bos.net.tcp.client package. You can start netcd with startsrc: startsrc -s netcd

The netcd daemon will look for /etc/netcd.conf to use as its configuration file by default. If a configuration file is not detected, netcd will use its default values, which will cache all possible data with a hash size of 128 and time to live (TTL) of 60 minutes.

The /etc/netcd.conf file does not exist initially, so if this is your first time, you will need to create a new netcd.conf file.

Add this line to netcd.conf to cache DNS data: cache dns hosts 128 0

It will cache up to 128 DNS answers. A TTL of zero for DNS means to observe the TTL in the answer from the name server, instead of overwriting it.

A netcd sample configuration file is installed in /usr/samples/tcpip/netcd.conf. You can copy the file to the /etc/ directory and use it as a template for your configuration.

---------------------------------

The /etc/netcd.conf file has four different types of configurations:

1. Caching settings: You can specify what resolver should be cached:

    # cache <type_of_cache> <type_of_map> <hash_size> <cache_ttl>
    (default setting: cache all all 128 60)
    (example for a DNS cache: cache dns hosts 128 0)

    type_of_cache     Declares the type of cache. Possible values are all, local, dns, nis, nisplus, and yp.
    type_of_map       Declares the map to be used to do the lookup. Check netcd.conf man page or look at the sample file for a complete list.
    hash_size         Specifies the number of lines used for the cache. (An hash table is used to store the cache)
    cache_ttl         Declares the time to life for a cache entry. The unit is minutes. The TTL is not used for local resource caches.
                      If you specify a value other than 0 for DNS caches, it will overwrite the TTL of the DNS server response.


2. Security settings:

You can specify under which user and group a netcddaemon should be run. The default user is root and the default group is system.

3. Log level settings:
The netcddaemon creates a log file in /var/tmp/netcd.log. You can specify a different log file location, a log file size limit in KB, and the number of log file rotations. The default setting is no size limit and therefore no rotations are taken.

    Use this syntax to change the settings:
    log_file <file>
    log_rotate <number>
    log_size <number>

  
4. Daemon settings
    net_scan_frequency      Specifies how often netcddaemon looks for expired cache entries in network caches. The unit is min., default is 1.
    local_scan_frequency    Specifies how often the netcddaemon checks for changes to the local resources. The unit is minutes, default is 1.
    socket_queue_size       Indicates the message queue size. The unit is the number of outstanding requests, default value is 256.

---------------------------------

Commands:

/usr/sbin/netcd               netcddaemon itself
/usr/sbin/netcdctrl           command to manage netcddaemon caches (dumping, flushing, changing the logging level, and display statistics.
/usr/samples/tcpip/netcd.conf sample configuration file for the netcddaemon.
/var/tmp/netcd.log            netcd log file

startsrc/stopsrc -s netcd     starts/stops netcd (refresh command is not supported)
lssrc -ls netcd               shows an overview of the currently active config

netcdctrl -t dns -e hosts -a /tmp/netcd.cache.out    dump DNS cache to a text file
netcdctrl -t dns -e hosts -s /tmp/netcd.cache.out    shows statistics of cache usage (directs output to the given file) (hash_size can be verified with this)
netcdctrl -t dns -e hosts -f                    flush the caches (if you flush the local resources cache, it will be reloaded automatically)
netcdctrl -t local -e hosts -f                  if you changed /etc/hosts with this command you can notify netcd daemon immediately
netcdctrl -l 7                                  changing the logging level of netcd daemon (dynamic action, no restart is needed)
                                                0 <--No logging
                                                3 <--(the default) Errors (the default)
                                                4 <--Warnings
                                                5 <--Notice
                                                6 <--Info
                                                7 <--Debug


some more info: https://www.ibm.com/developerworks/mydeveloperworks/blogs/cgaix/entry/aix_6_1_resolv_conf_and_netcd?lang=en

2 comments:

Anonymous said...

what are the pre and post work need to take care on VIO clients when upgrading VIO servers.

Unknown said...

hi, Is it possible to clear only particular hostname from DNS cache?