[dns-operations] The (very) uneven distribution of DNS root servers on the Internet

Mark Andrews marka at isc.org
Thu May 17 00:56:03 UTC 2012


In message <FA6E07DF-447A-40BE-8367-607248CD81AF at verisign.com>, "Wessels, Duane
" writes:
> 
> On May 16, 2012, at 5:07 PM, Paul Hoffman wrote:
> 
> > This fills their cache, well within the TTL of any of the TLDs.
> > 
> > Doesn't that solve the problem?
> 
> There is a fair amount of NXDOMAIN to the roots, of course.
> 
> But also, some implementations (particularly BIND) won't use the cache
> when name server A/AAAA records expire.  When those records expire the
> iteration starts at the root again.  A way to prevent cache poisoning I
> believe.

Named doesn't start from the root.  It don't refresh the TTL of
A/AAAA/NS records learnt as a side effect of another query. Queries
start from the closest parent zone with address records for the
nameservers.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the dns-operations mailing list