Menu
I am facing a problem with JVM and DNS.
Everything I'm reading (including the docs and this) says that I can disable JVM DNS caching using networkaddress.cache.ttl, which can be set using java.security.Security.setProperties, but through the standard approach of using system properties. I have successfully changed this to 0, so no more caching in my JVM.
But now, on each call of InetAddress.getByName("mytest.com"), it seems that my JVM is using the system DNS cache (in my case Windows 8). Indeed, between 2 calls of the method, I have changed the BIND9 properties for "mytest.com", but the IP return is still the same. Here is the workflow:
setCachePolicyInJVM(0) in my Java code.mytest.com to 192.168.1.188 in BIND9, restart.InetAddress.getByName("mytest.com").getHostAddress(); -> 192.168.1.188
mytest.com -> 192.168.1.160 in BIND9, restart.InetAddress.getByName("mytest.com").getHostAddress(); -> 192.168.1.188 (should be 160 if there was no caching).InetAddress.getByName("mytest.com").getHostAddress(); -> 192.168.1.160
I have read several times that the JVM does not use the system cache, but that is wrong: it clearly does.
How do we force a new DNS resolution on each call, bypassing the OS DNS cache?
738
The Java virtual machine (JVM) caches DNS name lookups. When the JVM resolves a hostname to an IP address, it caches the IP address for a specified period of time, known as the time-to-live (TTL).
The solution for Java 1.4.x(i.e. J2EE WAS 6.40) The parameter which controls DNS caching in the JVM 1.4.x is networkaddress.cache.ttland this can be set in the file “jre\lib\security\java.security”. This must be done on each portal server.
Using JMeter, such testing can be conducted with the help of ‘DNS Cache Manager’ element which allows testing the applications, which have several servers behind load balancers like CDN (Content Delivery Networks) when the user receives content from different IP’s. By default, JMeter uses JVM DNS cache.
This ensures that when a resource’s IP address changes, your application will be able to receive and use the resource’s new IP address by requerying the DNS. On some Java configurations, the JVM default TTL is set so that it will never refresh DNS entries until the JVM is restarted.
I think I've run into this problem, or a very similar one. What I did then was to implement my own DNS provider for the JVM, see how to change the java dns service provider for details. You can use the dnsjava mentioned there or roll your own.
92
You can either edit your $JAVA_HOME/jre/lib/security/java.security for Java 6-8 and $JAVA_HOME/conf/security/java.security property file to add the following property .
networkaddress.cache.ttl=1
It is not available to set it in command line.
Since these 2 properties are part of the security policy, they are not set by either the -D option or the System.setProperty() API, instead they are set as security properties.
To set this property inside the code, you can use the following method.
java.security.Security.setProperty("networkaddress.cache.ttl", "1")
Or add the following property in the java command line.
-Dnetworkaddress.cache.ttl=1
It is also important to note that values are effective only if the corresponding networkaddress.cache.* properties are not set.
See Java 8 Networking Properties, Java 9 Networking Properties and VeriSign DNS Caching in Java Virtual Machines for more details.
This answer also adds some details.
37
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
