[dns-operations] Please contribute data to OARC!

Sebastian Castro sebastian at nzrs.net.nz
Wed Feb 3 01:00:34 UTC 2010

Matthew Pounsett wrote:
> On 2010/02/02, at 11:54, bert hubert wrote:
>> It appears there exists an interaction between authoritative, resolving and
>> typical end-user stub resolvers, in case of a sudden failure of all
>> authoritative servers of low TTL domain names.
> It's not just failure of all authoritative servers.  This behaviour is noted in some resolvers on the failure of any authoritative server.
> Every time I've ever taken a busy authoritative server out of service for maintenance (where busy >= 2000qps) I've quickly received a phone call from my colo provider reporting "packet storms" on my link.  Investigation in all cases has revealed a subset of the usual recursive servers retrying queries more, and more urgently the longer that the server is down.  This abhorrent behaviour is well known, though not necessarily well understood.  I'm not terribly surprised that the behaviour extends beyond recursive servers to some stub resolvers.
> There may be some lists of misbehaving implementations out there in someone's body of research (maybe CAIDA?).

<hat name="CAIDA">
One of the things we are missing is a wide survey of resolver
implementations and their behavior.
It's what I call "client characterization", in order to be able to
classify a source address based on the patterns of the traffic they send
to different authoritative nameservers.

My totally unofficial comment is: Unfortunately CAIDA run out of funding
for DNS research, so they are moving on a different direction. [K, if
you are there, feel free to rebate my comment]

Sounds like a very interesting research work to be done.

>> Also, I've never gotten a clear picture on what popular stubs think of the
>> two or three IP addresses they are given as resolvers. Is the first one more
>> important? It sure appears to be the case.
> All stub implementations where I've noticed the behaviour try their DNSserver list in order, every time, and do not "learn" if a particular server is offline or responding slowly.  My experience in this regard is limited to unixes though.. I'm not sure of the behaviour of the various Windows implementations.
> Matt
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

More information about the dns-operations mailing list