Why does rndc reconfig flush the cache sometimes but not on other occasions?
Usually when issuing rndc reconfig to make changes to a running BIND 9 nameserver, you expect it to retain the current working cache of learned RRsets.
However, there are a few changes that you can make to the configuration that might be incompatible with what has already been cached - and in those circumstances, named will also start with a new and empty cache following the reconfig. Here are the settings that, if changed, will result in rndc reconfig clearing cache:
- check-names
- zero-no-soa-ttl
- max-cache-size
- max-cache-ttl
- max-ncache-ttl
- dnssec-validation
- dnssec-accept-expired
See also the limitations on views that share cache
The criteria for whether or not two (or more) views configured in a BIND nameserver may share cache are that the policy settings listed above are consistent between views. The attach-cache option is used to configure cache-sharing.