[dns-operations] does anybody know why yahoo+akamai are doing this?

Mark Andrews Mark_Andrews at isc.org
Mon Mar 20 15:23:00 UTC 2006

> > Ah Akamai!  I am much behind Paul on depth of understanding, albeit,
> > I will pro-offer the following, mostly clueless, attempt at an
> > explanation.
> I'm in the same boat r.e. depth of understanding, but doesn't that  
> seem awfully redundant?  The nameserver doing the lookup should go to  
> the roots anyway, assuming it hasn't already cached referrals  
> for .net or akamai.net.
> Matt

	This all falls out of RFC 1034.  They are returning the
	*best* referral they can on the second (or later) pass
	through RFC1034 Section 4.3.2.

	To avoid this you would have to special case returning
	referrals to the root.  Special cases are bad.

	I also doubt that this is causing the spikes that Paul
	mentioned originally unless the auth servers are BIND 8
	behind a one way firewall which allows the queries to the
	root out by not the replies in.

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the dns-operations mailing list