From 5aff67893b993364cf48edbb927661315927f00d Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sun, 15 Dec 2019 15:43:37 +0100
Subject: dns-forwarding: add negative-ttl option

---
 docs/services/dns-forwarding.rst | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'docs/services')

diff --git a/docs/services/dns-forwarding.rst b/docs/services/dns-forwarding.rst
index e98d7f6b..bd05395e 100644
--- a/docs/services/dns-forwarding.rst
+++ b/docs/services/dns-forwarding.rst
@@ -87,6 +87,14 @@ use this file to add resolvers to assigned addresses.
 Maximum number of DNS cache entries. 1 million per CPU core will generally
 suffice for most installations.
 
+.. cfgcmd:: set service dns forwarding negative-ttl
+
+A query for which there is authoritatively no answer is cached to quickly deny
+a record's existence later on, without putting a heavy load on the remote
+server. In practice, caches can become saturated with hundreds of thousands of
+hosts which are tried only once. This setting, which defaults to 3600 seconds,
+puts a maximum on the amount of time negative entries are cached.
+
 Example
 =======
 
-- 
cgit v1.2.3