[dns-operations] should recursors think there are only delegation data in tld name servers?

刘明星 lmxhappy at gmail.com
Fri Mar 28 01:49:44 UTC 2014


what types of authoritative data are they in .de zone? For what? Does it
comply with dns standards?


2014-03-26 22:13 GMT+08:00 Peter Koch <pk at denic.de>:

> On Wed, Mar 26, 2014 at 08:22:03PM +0800, ?????? wrote:
>
> > this case, the recusor does not know whether there are other domain names
> > related to test.tld, like b.a.test.tld, b.test.cn and c.b.test.cn, so
> that
> > next time it should query the tld again when it receives queries for such
> > domain names. Consequencely, If a ddos flood of random third-level domain
> > names hits the recusors, the flood also be redirected to the the tld the
> > domain names belong to.
>
> this sounds like an attempt to extend the resolver's negative caching
> in a way that sometimes has been called "aggressive negative caching".
>
> >    I want to know whether there other types of data except delegation
> data.
>
> DE definitely has authoritative data in the TLD zone itself, at the second
> and deeper levels, including "empty non terminals".  For a remotely
> related discussion, you may want to look for "delegation only" in the
> BIND archives.
>
> > If there are only delegation data in tld some servers , the recursors
> > should send less unnessary queries to tld servers when they receive a
> large
> > of queries for a random third-level domain names. As a result, the tld
> > servers escape from the disasters.
>
> While that's a laudable goal, basing the resolvers' behaviour on
> assumptions
> made about particular zones in the tree makes me a bit nervous. In your
> example
> above, you could ask for the delegation for "test.cn" explicitly, but
> that's
> already a questionable deviation from protocol reality (Stephane's draft
> "draft-bortzmeyer-dns-qname-minimisation-01.txt" nonwithstanding).
>
> -Peter
>
> --
> Peter Koch              |                           |         pk at DENIC.DE
> DENIC eG                |                           |      +49 69 27235-0
> Kaiserstraße 75-77      |                           |
> 60329 Frankfurt am Main |                           | http://www.DENIC.DE
> -------------------------------------------------------------------------
> Eingetr. Nr. 770 im Genossenschaftsregister Amtsgericht Frankfurt am Main
> Vorstand: Helga Krüger, Carsten Schiefner, Dr. Jörg Schweiger
> Vorsitzender des Aufsichtsrats: Thomas Keller
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20140328/b1b1db91/attachment.html>


More information about the dns-operations mailing list