what is linux nscd

藏色散人
藏色散人Original
2023-04-13 10:57:372510browse

linux nscd is a service cache daemon. Its full English name is "Name Service Cache Daemon". It provides faster verification for services such as NIS and LDAP; caching is a very important technology or mechanism. Caching The main purpose is to improve client access speed.

what is linux nscd

#The operating environment of this tutorial: linux5.9.8 system, Dell G3 computer.

What is linux nscd?

Enable cache service NSCD under Linux

NSCD (Name Service Cache Daemon) is a service cache daemon, which is a service cache daemon for NIS and Services like LDAP provide faster authentication. No matter what system it is, caching is a very important technology [or mechanism]. The main purpose of caching is to improve client access speed.

NSCD command options:

# nscd --help 
Usage: nscd [OPTION...]
Name Service Cache Daemon.

  -d, --debug                Do not fork and display messages on the current
                             tty
  -f, --config-file=NAME     Read configuration data from NAME
  -F, --foreground           Do not fork, but otherwise behave like a daemon
  -g, --statistics           Print current configuration statistics
  -i, --invalidate=TABLE     Invalidate the specified cache
  -K, --shutdown             Shut the server down
  -t, --nthreads=NUMBER      Start NUMBER threads
  -?, --help                 Give this help list
      --usage                Give a short usage message
  -V, --version              Print program version

NSCD configuration file:

NSCD configuration The file is /etc/nscd.conf. The NSCD program will read the /etc/nscd.conf file when it is started. Each line specifies an attribute and the corresponding value, or specifies a service and the corresponding value. # indicates a comment. The valid service settings are: passwd, group, hosts, services, ornetgroup.

Explanation of related parameters of NSCD configuration file:

##

#设置日志文件 logfile debug-file-name
#设置debug记录的级别,默认是0 debug-level value
#程序启动时,等待进去请求的处理线程数,至少5个 threads number
#最大线程数,默认32 max-threads number
#nscd程序以哪个用户运行,如果设置了该选项,nscd将作为该用户运行,而不是作为root。如果每个用户都使用一个单独的缓存(-S参数),将忽略该选项。 server-user user 
#哪个用户可以请求统计用户 stat-user user
#在一个缓存项被删除之前允许使用的次数,默认是5 reload-count unlimited | number
#是否启用偏执模式,启用会导致nscd周期性重启,默认是no paranoia bb465b611d06b065d5e0e67bdf17426c
#如果启用偏执模式,设置的定期重启nscd的时间间隔,默认是3600秒 restart-interval time
#开启或者关闭服务缓存,默认是no enable-cache service bb465b611d06b065d5e0e67bdf17426c
#为成功请求的元素设置缓存TTL,单位是秒,值越大缓存命中率越高,降低平均响应时间,但会增加缓存的一致性问题 positive-time-to-live service value
#为失败查询元素设置缓存TTL,单位是秒,应保持小值,减小缓存一致性问题 negative-time-to-live service value
#内部的散列表大小,value应该保持一个素数以达到优化效果。默认值是211 suggested-size service value
#启用或者禁用检查文件是否属于指定的服务,这些文件是/etc/passwd、/etc/group、/etc/hosts、/etc/services、/etc/netgroup等 check-files service bb465b611d06b065d5e0e67bdf17426c
#设置缓存在服务器重启后,仍旧能提供缓存服务,在使用偏执模式时有用,默认是no persistent service bb465b611d06b065d5e0e67bdf17426c
#为客户端共享nscd数据库在内存中做的映射,使客户端可以直接搜索,而不用每次都查询守护进行,默认是no shared service bb465b611d06b065d5e0e67bdf17426c
#该数据库的最大大小,单位是bytes,默认是33554432 max-db-size service bytes
#此选项仅使用于passwd和group服务 auto-propagate service bb465b611d06b065d5e0e67bdf17426c
Use NSCD to cache DNS

The role of DNS on the server:

When it is necessary to interact with the outside world through domain names, dns caching comes in handy. It can reduce the time of domain name resolution. Improve efficiency. For example, in the following situation Use a crawler to collect page data on the Internet,
Use the auth2.0 protocol to obtain user data from other platforms (such as Weibo or QQ),
Use a third-party payment interface,
Use Send text messages under the SMS channel, etc.

Advantages and disadvantages of enabling NSCD DNS caching service

Advantages:

Cache NDS parsing information locally to improve parsing speed

There is no problem even if the DNS server hangs up. Within the cache service time range, parsing is still normal

Disadvantages:

DNS resolution information will lag behind. For example, domain name resolution changes require manual refresh of the cache. NSCD is not suitable for real-time switching applications. Currently, it is not suitable for applications that rely on DNS switching. service, it is recommended not to enable DNS caching. There is no problem with DNS Cache as a normal DNS resolution cache. If you use an RDS cloud server, it is not recommended to use the DNS cache service.

Configure DNS cache:

You can enable the local DNS Cache by editing the /etc/nscd.conf file and adding the following line to it

enable-cache hosts yes #In addition to dns caching, this service can also cache passwd, group, servers

Complete The configuration is as follows:

        enable-cache            passwd          yes
        positive-time-to-live   passwd          600
        negative-time-to-live   passwd          20
        suggested-size          passwd          211
        check-files             passwd          yes
        persistent              passwd          yes
        shared                  passwd          yes
        max-db-size             passwd          33554432
        auto-propagate          passwd          yes

        enable-cache            group           yes
        positive-time-to-live   group           3600
        negative-time-to-live   group           60
        suggested-size          group           211
        check-files             group           yes
        persistent              group           yes
        shared                  group           yes
        max-db-size             group           33554432
        auto-propagate          group           yes

        enable-cache            hosts           yes
        positive-time-to-live   hosts           3600
        negative-time-to-live   hosts           20
        suggested-size          hosts           211
        check-files             hosts           yes
        persistent              hosts           yes
        shared                  hosts           yes
        max-db-size             hosts           33554432

        enable-cache            services        yes
        positive-time-to-live   services        28800
        negative-time-to-live   services        20
        suggested-size          services        211
        check-files             services        yes
        persistent              services        yes
        shared                  services        yes
        max-db-size             services        33554432

        enable-cache            netgroup        yes
        positive-time-to-live   netgroup        28800
        negative-time-to-live   netgroup        20
        suggested-size          netgroup        211
        check-files             netgroup        yes
        persistent              netgroup        yes
        shared                  netgroup        yes
        max-db-size             netgroup        33554432
NSCD service viewing and clearing

NSCD cache DB files are under /var/db/nscd. You can view statistical information through nscd -g:

# nscd -g 
nscd configuration:

              0  server debug level
 50d 14h 33m 40s  server runtime
              5  current number of threads
             32  maximum number of threads
              0  number of times clients had to wait
             no  paranoia mode enabled
           3600  restart internal
              5  reload count

passwd cache:

            yes  cache is enabled
            yes  cache is persistent
            yes  cache is shared
            211  suggested size
         216064  total data pool size
            544  used data pool size
            600  seconds time to live for positive entries
             20  seconds time to live for negative entries
         280382  cache hits on positive entries
          10047  cache hits on negative entries
           3260  cache misses on positive entries
            474  cache misses on negative entries
             98% cache hit rate
              6  current number of cached values
             52  maximum number of cached values
              2  maximum chain length searched
              0  number of delays on rdlock
              0  number of delays on wrlock
              0  memory allocations failed
            yes  check /etc/passwd for changes
Clear the specified type of cache:

nscd -i passwd
nscd -i group 
nscd -i hosts

Recommended study: "

linux video tutorial"

The above is the detailed content of what is linux nscd. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn