nRF9160 DNS cache & TTL

We are using the nRF9160 with a cellular service provider that has quite a strict firewall policy. There are rejected connections and we suspect a problem with cached DNS lookups in the nRF91.

To be more specific, the firewall at the provider does white-listing based on FQDNs. If a mobile device performs a DNS lookup, then a subsequent connection to the IP address in the DNS response will be allowed by the firewall, but only according to the time-to-live. If no lookup is made or the TTL of an earlier lookup has expired, the connection is blocked.

According to the provider's investigation, the nRF91 does not issue another DNS lookup every time we call nrf_getaddrinfo, even if the TTL has elapsed.

This is with modem firmware 1.3.5. The 1.3.6 release notes do not mention anything specific to DNS, so we haven't tried that.

Is it correct that the nRF91 caches DNS responses for longer than the TTL permits?

Is there a way to change this behavior and force it to respect the TTL?

Is there a way to disable, clear, or dump the DNS cache?

  • Hi,

    I can confirm that the nRF9160 does cache DNS lookups, but I do not have details related to the below questions (yet):

    Is it correct that the nRF91 caches DNS responses for longer than the TTL permits?

    Is there a way to change this behavior and force it to respect the TTL?

    Is there a way to disable, clear, or dump the DNS cache?

    I'll ask R&D about these specific questions and get back to you within a few business days.

    Kind regards,

    Håkon

  • Hi,

    I got confirmation from R&D.

    Is it correct that the nRF91 caches DNS responses for longer than the TTL permits?

    We have an internal test on this, and this is not failing, meaning that we observe that the nRF9160 modem fw is not caching longer than TTL permits.

    Is there a way to change this behavior and force it to respect the TTL?

    Could you please share a modem trace showing this behavior?

    Is there a way to disable, clear, or dump the DNS cache?

    Unfortunately, no. There is no way to clear the DNS cache.

    Kind regards,

    Håkon

  • Hi Håkon,

    Thanks for your help. We have run a test with tracing enabled (NRF_MODEM_LIB_TRACE_LEVEL_IP_ONLY), and it looks like the nRF91 indeed handles the TTL correctly. Still, it would be nice to have some way to influence the DNS cache on the nRF91.

    We suspect that our provider hasn't implemented the TTL in the firewall correctly.
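One way to check an IP-level trace against the firewall policy described in the question, as an added example that is not code from this thread or from Nordic. It assumes the DNS responses and outgoing connection attempts have already been extracted from the capture with timestamps; the event tuple format, the function names and the sample data are hypothetical, and the allow-list model (an IP is allowed until lookup time plus TTL) is an assumption based on the description above.

```python
import ipaddress
import struct

def _skip_name(msg, off):
    """Advance past a DNS name (plain labels or a compression pointer)."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # 2-byte compression pointer ends the name
            return off + 2
        off += 1
        if n == 0:                # root label ends the name
            return off
        off += n

def a_records(msg):
    """Return [(ip, ttl)] for every A record in the answer section."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4          # skip QTYPE + QCLASS
    out = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == 1 and rdlen == 4:           # A record, IPv4 address
            out.append((str(ipaddress.IPv4Address(msg[off:off + 4])), ttl))
        off += rdlen
    return out

def audit(events):
    """events: (t_seconds, 'dns', response_bytes) or (t_seconds, 'connect', ip).
    Returns the connects that fall outside any lookup's TTL window."""
    allowed_until, blocked = {}, []
    for t, kind, data in events:
        if kind == "dns":
            for ip, ttl in a_records(data):
                allowed_until[ip] = t + ttl
        elif t > allowed_until.get(data, -1):
            blocked.append((t, data))
    return blocked

# Constructed sample: response for device.example.com -> 192.0.2.10, TTL 60 s
RESP = (bytes.fromhex("123481800001000100000000")
        + b"\x06device\x07example\x03com\x00" + bytes.fromhex("00010001")
        + bytes.fromhex("c00c" "00010001" "0000003c" "0004" "c000020a"))
EVENTS = [(0, "dns", RESP), (10, "connect", "192.0.2.10"),
          (75, "connect", "192.0.2.10"),        # TTL expired, no new lookup
          (80, "dns", RESP), (85, "connect", "192.0.2.10")]

if __name__ == "__main__":
    print(audit(EVENTS))
```

An empty result for a real trace means every connection followed a lookup within its TTL, which points at the firewall side rather than the modem's cache.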
