[dns-operations] Mozilla Firefox and ANY queries
Fred Morris
m3047 at m3047.net
Wed Mar 4 17:00:07 UTC 2015
On Wed, 4 Mar 2015, Bob Harold wrote:
> Can someone be more specific on what "overwhelm"s the os cache? I
> assume all the names still need to be looked up in te os and thus get
> in the os cache. Is it cache hits that are too many - that sounds
> unlikely. Or is it entries with very low ttl that you are caching
> longer in the browser to avoid lookups?
I didn't understand this either. So I did some cursory playing with BIND
9.9.2.
* ANY always returns a TTL of 5 seconds.
* Unless RD is turned off, named re-issues the request to the
authoritative nameservers, iff it has nothing whatsoever in cache.
If overwhelming cache was a key consideration, one would think that this
would be surfaced in testing. I haven't looked over on the BIND lists.
--
Fred Morris
--
[Edited for brevity. brian* are names which are not explicitly defined for
the zone, which is wildcarded.]
** BIND fetches it into cache when it wasn't there previously. Note the
TTLs (all of them). **
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;brian.m3047.net. IN ANY
;; ANSWER SECTION:
brian.m3047.net. 5 IN A 209.221.140.128
;; AUTHORITY SECTION:
m3047.net. 5049 IN NS ns2.distributedns.com.
m3047.net. 5049 IN NS ns1.distributedns.com.
;; ADDITIONAL SECTION:
ns1.distributedns.com. 22104 IN A 50.194.52.65
ns2.distributedns.com. 22104 IN A 50.194.52.67
;; Query time: 115 msec
;; SERVER: 10.0.0.220#53(10.0.0.220)
;; WHEN: Tue Mar 3 11:36:48 2015
;; MSG SIZE rcvd: 134
** RD is disabled. **
m3047 at flame:~> dig brian2.m3047.net any +norecurse
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;brian2.m3047.net. IN ANY
;; AUTHORITY SECTION:
m3047.net. 5023 IN NS ns1.distributedns.com.
m3047.net. 5023 IN NS ns2.distributedns.com.
;; ADDITIONAL SECTION:
ns1.distributedns.com. 22078 IN A 50.194.52.65
ns2.distributedns.com. 22078 IN A 50.194.52.67
** Let's query specifically for the (synthesized) A record and load it
into cache... Notice the TTL. **
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;brian2.m3047.net. IN A
;; ANSWER SECTION:
brian2.m3047.net. 86400 IN A 209.221.140.128
;; AUTHORITY SECTION:
m3047.net. 4966 IN NS ns1.distributedns.com.
m3047.net. 4966 IN NS ns2.distributedns.com.
;; ADDITIONAL SECTION:
ns1.distributedns.com. 22021 IN A 50.194.52.65
ns2.distributedns.com. 22021 IN A 50.194.52.67
** Let's see what ANY says. Notice the TTL. Notice all of the TTLs. **
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;brian2.m3047.net. IN ANY
;; ANSWER SECTION:
brian2.m3047.net. 5 IN A 209.221.140.128
;; AUTHORITY SECTION:
m3047.net. 4962 IN NS ns2.distributedns.com.
m3047.net. 4962 IN NS ns1.distributedns.com.
;; ADDITIONAL SECTION:
ns1.distributedns.com. 22017 IN A 50.194.52.65
ns2.distributedns.com. 22017 IN A 50.194.52.67
** TTL is still 5 seconds for our qname, but the rest of the TTLs are
counting down... **
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;brian2.m3047.net. IN ANY
;; ANSWER SECTION:
brian2.m3047.net. 5 IN A 209.221.140.128
;; AUTHORITY SECTION:
m3047.net. 4789 IN NS ns1.distributedns.com.
m3047.net. 4789 IN NS ns2.distributedns.com.
;; ADDITIONAL SECTION:
ns1.distributedns.com. 21844 IN A 50.194.52.65
ns2.distributedns.com. 21844 IN A 50.194.52.67
** Hopefully you get the idea... **
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;brian2.m3047.net. IN A
;; ANSWER SECTION:
brian2.m3047.net. 86214 IN A 209.221.140.128
;; AUTHORITY SECTION:
m3047.net. 4780 IN NS ns1.distributedns.com.
m3047.net. 4780 IN NS ns2.distributedns.com.
;; ADDITIONAL SECTION:
ns1.distributedns.com. 21835 IN A 50.194.52.65
ns2.distributedns.com. 21835 IN A 50.194.52.67
More information about the dns-operations
mailing list