[dns-operations] The (very) uneven distribution of DNS root servers on the Internet
marka at isc.org
Thu May 17 00:56:03 UTC 2012
In message <FA6E07DF-447A-40BE-8367-607248CD81AF at verisign.com>, "Wessels, Duane
> On May 16, 2012, at 5:07 PM, Paul Hoffman wrote:
> > This fills their cache, well within the TTL of any of the TLDs.
> > Doesn't that solve the problem?
> There is a fair amount of NXDOMAIN to the roots, of course.
> But also, some implementations (particularly BIND) won't use the cache
> when name server A/AAAA records expire. When those records expire the
> iteration starts at the root again. A way to prevent cache poisoning I
Named doesn't start from the root. It don't refresh the TTL of
A/AAAA/NS records learnt as a side effect of another query. Queries
start from the closest parent zone with address records for the
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations