[dns-operations] Please contribute data to OARC!

Matthew Pounsett matt at conundrum.com
Tue Feb 2 17:47:01 UTC 2010

On 2010/02/02, at 11:54, bert hubert wrote:

> It appears there exists an interaction between authoritative, resolving and
> typical end-user stub resolvers, in case of a sudden failure of all
> authoritative servers of low TTL domain names.

It's not just failure of all authoritative servers.  This behaviour is noted in some resolvers on the failure of any authoritative server.

Every time I've ever taken a busy authoritative server out of service for maintenance (where busy >= 2000qps) I've quickly received a phone call from my colo provider reporting "packet storms" on my link.  Investigation in all cases has revealed a subset of the usual recursive servers retrying queries more, and more urgently the longer that the server is down.  This abhorrent behaviour is well known, though not necessarily well understood.  I'm not terribly surprised that the behaviour extends beyond recursive servers to some stub resolvers.

There may be some lists of misbehaving implementations out there in someone's body of research (maybe CAIDA?).  

> Also, I've never gotten a clear picture on what popular stubs think of the
> two or three IP addresses they are given as resolvers. Is the first one more
> important? It sure appears to be the case.

All stub implementations where I've noticed the behaviour try their DNSserver list in order, every time, and do not "learn" if a particular server is offline or responding slowly.  My experience in this regard is limited to unixes though.. I'm not sure of the behaviour of the various Windows implementations.


More information about the dns-operations mailing list