[dns-operations] does anybody know why yahoo+akamai are doing this?
Mark_Andrews at isc.org
Mon Mar 20 15:23:00 UTC 2006
> > Ah Akamai! I am much behind Paul on depth of understanding, albeit,
> > I will pro-offer the following, mostly clueless, attempt at an
> > explanation.
> I'm in the same boat r.e. depth of understanding, but doesn't that
> seem awfully redundant? The nameserver doing the lookup should go to
> the roots anyway, assuming it hasn't already cached referrals
> for .net or akamai.net.
This all falls out of RFC 1034. They are returning the
*best* referral they can on the second (or later) pass
through RFC1034 Section 4.3.2.
To avoid this you would have to special case returning
referrals to the root. Special cases are bad.
I also doubt that this is causing the spikes that Paul
mentioned originally unless the auth servers are BIND 8
behind a one way firewall which allows the queries to the
root out by not the replies in.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the dns-operations