0xERR0R/blocky

What is Cached Negative?

ChitranshuV opened this issue · 1 comments

ChitranshuV commented

What is CACHED NEGATIVE in the logs?

I encountered this first time when I was searching libgen.rs and the page didn't load. None of the block lists have blocked it but it shows up as CACHED NEGATIVE in the logs. Upon further search there were many such domains with similar entry in the log.

Screenshot from 2024-10-07 23-49-51

I tried $ dig @8.8.8.8 libgen.rs and that has blocked it too. I think every resolver is denying .rs domains.

config.yml

upstreams:
  groups:
    default:
      - https://cloudflare-dns.com/dns-query
      - https://dns.quad9.net/dns-query
  init:
    strategy: blocking

ports:
  dns: 53
  tls: 853
  https: 443
  http: 4000

bootstrapDns:
  - upstream: 1.1.1.1
  - upstream: 8.8.8.8
  - upstream: 9.9.9.9

log:
  level: info
  format: text
  timestamp: true
  privacy: false

blocking:
  denylists:
    ads:
      - https://big.oisd.nl/domainswild
      - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/pro.plus.txt
      - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/tif.txt
    custom:
      - https://gist.githubusercontent.com/ChitranshuV/ae5121ce4145dc0c98826d8caee14903/raw/b717fdfadc3614970327ada76f29670ce5761f3c/NewsWildcard.txt
      - https://gist.githubusercontent.com/ChitranshuV/5c06421113c1aa35b8f01397d2ad0777/raw/d7ff05c7a6b54f6a46917903388898d7b4d23530/SocialMediaWildcard.txt
    adult:
      - https://nsfw.oisd.nl/domainswild
  blockType: nxDomain
  clientGroupsBlock:
    default:
      - ads
      - custom
      - adult
  loading:
    refreshPeriod: 1h
    strategy: blocking
    concurrency: 8
    downloads:
      timeout: 5m
      attempts: 10
      cooldown: 1s

caching:
  minTime: 5m
  maxTime: 30m
  maxItemsCount: 0
  prefetching: true
  prefetchExpires: 24h
  prefetchThreshold: 2
  prefetchMaxItemsCount: 0

prometheus:
  enable: true
  path: /home/chitranshu/Downloads/blocky_v0.24_Linux_x86_64/metrics

queryLog:
  type: csv
  target: /home/chitranshu/Downloads/blocky_v0.24_Linux_x86_64/logs
  flushInterval: 30s
  fields:
  - clientIP
  - duration
  - responseReason
  - question
kwitsch commented

CACHED NEGATIVE are cached responses without a propper IP resolution from any of your upstreams.
If your upstream DNS server response with NXDOMAIN those responses are cached and reused.
If you have multiple upstreams configured and one of them resolves to a propper IP it will be used.

  • 👍1