[dns-operations] Usage of dns query negative cache
Shane Kerr
shane at time-travellers.org
Thu Sep 3 08:52:07 UTC 2015
Grant,
On Thu, 3 Sep 2015 00:32:05 -0700
Grant Ridder <shortdudey123 at gmail.com> wrote:
> Anyone know how wide the implementation of RFC2308
> <https://tools.ietf.org/rfc/rfc2308.txt> (Negative Caching of DNS
> Queries) is? It appears Google and Level3 don't do this on their public
> DNS servers, however, Amazon EC2 DNS servers do it.
Google does use negative caching. It may be hard to spot, because each
query to 8.8.8.8 seems to go to a separate cache. From here in Beijing,
it looks like there are a half dozen or so resolvers operating, each
with separate TTL timers. In busy nodes, Google may run dozens of
resolvers (I have no idea, just guessing).
$ dig @8.8.8.8 bogus.time-travellers.org
time-travellers.org. 599 IN SOA ...
$ dig @8.8.8.8 bogus.time-travellers.org
time-travellers.org. 599 IN SOA ... # no negative cache
...
time-travellers.org. 595 IN SOA ...
time-travellers.org. 593 IN SOA ...
time-travellers.org. 587 IN SOA ...
time-travellers.org. 592 IN SOA ... # different cache
time-travellers.org. 570 IN SOA ... # back to another
This could be mitigated somewhat by using multi-layer caches, but I
guess Google decided that it wasn't worth the complexity. (Just
guessing again.) I don't recall them publishing anything about this, so
I also don't know if this sort of architecture is based on science,
specific engineering principles, or just "whatever works". :)
As far as I know, negative caching is almost universally deployed.
Cheers,
--
Shane
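
Added example, not part of the original message: a sketch of how to tell several independent caches apart from repeated negative answers like the dig runs above. It relies on the fact that, for a single cache entry, query time plus remaining SOA TTL stays constant. The query timings are constructed; the function names and the one-second tolerance are assumptions.

```python
"""Group negative-answer SOA TTL samples by the cache that served them."""

# Constructed sample: (seconds since the first query, remaining TTL on the
# SOA record in the authority section of the negative answer). The TTLs
# mirror the values in the message; the timings are made up for the example.
SAMPLES = [
    (0, 599), (3, 599), (4, 595), (6, 593), (12, 587), (13, 592), (29, 570),
]

def group_by_cache(samples, tolerance=1):
    """Cluster samples by implied expiry time (query time + remaining TTL).

    A cache that stored the negative answer counts its TTL down, so every
    later hit on that entry implies the same expiry. `tolerance` absorbs
    whole-second rounding. Two caches filled within `tolerance` seconds of
    each other merge, so the group count is a lower bound.
    """
    groups = []
    for when, ttl in sorted(samples):
        expiry = when + ttl
        for group in groups:
            if abs(group["expiry"] - expiry) <= tolerance:
                group["samples"].append((when, ttl))
                break
        else:
            groups.append({"expiry": expiry, "samples": [(when, ttl)]})
    return groups

def summarize(samples, tolerance=1):
    """Count distinct caches and answers served from an existing entry."""
    groups = group_by_cache(samples, tolerance)
    # The first sample in a group filled the entry; the rest are cache hits.
    hits = sum(len(group["samples"]) - 1 for group in groups)
    return {
        "caches": len(groups),
        "negative_cache_hits": hits,
        "negative_caching_seen": hits > 0,
    }

if __name__ == "__main__":
    print(summarize(SAMPLES))
    for group in group_by_cache(SAMPLES):
        print(group["expiry"], group["samples"])
```

A resolver that never caches negative answers would return the full TTL on every query, so every sample would land in its own group and the hit count would be zero.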