i change that on every installation to a value of 10 minutes.
From my perspective it can be changed safely and the default value makes no real sense at all.
It is even documented in a KB
This is odd... I just made a test while this setting was set to its default (-1):
1. I installed nscd on our server to cach host entries and monitor gethostbyname requests (using debug logs)
2. I manually set the IP of a target to a specific IP address
3. I manually right-click and verified the target (to update its properties)
4. I confirmed that the app server did a gethostbyname request to nscd and it updated the IP_ADDRESS of the target in the console to the right thing.
5. I changed the IP of the target in the hosts file
6. I re-did a verify, and the IP was still the old one
7. I invalidated the hosts cache of nscd and redid a verify
8. The app server submitted a new gethostbyname request and nscd updated the IP and the IP_ADDRESS property was updated with the new IP.
This means the app server is not permanently caching the IP address as I thought it would do. The comments state that if a security manager is not set, the default is 30 seconds and not forever. Is this the case here then?
Is this KA specific to a version of BL application?
My appservers are in 8.2.04 (windows) and I see the java.security files in two locations $INSTALL_DIR/NSH/jre/lib/security and $INSTALL_DIR/NSH/jre-32/lib/security.
Which is the right file to modify?
What kind of overhead will be there on BL application of this setting is enabled to 10 mins? anything like delay in fetching info/verifying the host etc?
The jre one, not jre-32.