[dns-operations] NS selection in bind
Doug Barton
dougb at dougbarton.us
Fri Sep 17 19:30:28 UTC 2010
On 9/17/2010 2:53 AM, Ricardo Oliveira wrote:
> Hello,
> A question about ns selection in bind. It seems up to bind 9.5, it
> selects the ns with the lowest rtt, but there were some changes in
> bind 9.6 that make it do random selection, from
> https://www.isc.org/software/bind/new-features/9.6 :
>
> "As a security improvement to make forgery a little more difficult,
> BIND 9.6 now attempts to make the order of the server selection for
> queries less predictable. Previously, BIND would prefer to query the
> server with the lowest round trip time (RTT).
> Now servers that haven't been tried yet have their RTT set to a random value
Here is the answer to what I think part of your question is.
> between 0 ms and 7
> ms. And the RTT values of servers which have been tried are now
> randomly changed up to 128 ms."
>
> Does anyone in this list know more details about this change short of
> looking at the source code?
> How often are RTTs randomly changed, on every query?
> Is the value picked randomly between 0 and 128ms?
Michael's answer handles this part of your question.
Doug
--
... and that's just a little bit of history repeating.
-- Propellerheads
Improve the effectiveness of your Internet presence with
a domain name makeover! http://SupersetSolutions.com/