Replacing nscd for "hosts" caching

I'm currently looking for a replacement for caching the Linux NSS "hosts" "database". Basically, my goal is caching DNS lookups, but with a few restrictions:
  • The cache should not cache until the DNS TTL expires, but for a maximum of a configurable TTL. This is needed, so I can easily flush the DNS caches on the central resolvers, but don't need to worry about the cache on each and every machine.
  • The cache should ask one or more centrally installed resolvers, as they have special configurations for some domains.
  • The cache should be running locally, as everything else will break at some point. *

nscd is designed to do this, but unfortunately it has serious bugs which make it unsuitable for use, including this bug (which also features a nice "Drepper response").

I'm not sure which software to use yet, maybe it doesn't even exist.

Any recommendations?