Per Byron's answer, you can't set
networkaddress.cache.negative.ttl as System Properties by using the
-D flag or calling
System.setProperty because these are not System properties - they are Security properties.
If you want to use a System property to trigger this behavior (so you can use the
-D flag or call
System.setProperty), you will want to set the following System property:
This system property will enable the desired effect.
But be aware: if you don't use the
-D flag when starting the JVM process and elect to call this from code instead:
java.security.Security.setProperty("networkaddress.cache.ttl" , "0")
This code must execute before any other code in the JVM attempts to perform networking operations.
This is important because, for example, if you called
Security.setProperty in a .war file and deployed that .war to Tomcat, this wouldn't work: Tomcat uses the Java networking stack to initialize itself much earlier than your .war's code is executed. Because of this 'race condition', it is usually more convenient to use the
-D flag when starting the JVM process.
If you don't use
-Dsun.net.inetaddr.ttl=0 or call
Security.setProperty, you will need to edit
$JRE_HOME/lib/security/java.security and set those security properties in that file, e.g.
networkaddress.cache.ttl = 0 networkaddress.cache.negative.ttl = 0
But pay attention to the security warnings in the comments surrounding those properties. Only do this if you are reasonably confident that you are not susceptible to DNS spoofing attacks.