[dns-operations] Usage of dns query negative cache

Shane Kerr shane at time-travellers.org
Thu Sep 3 08:52:07 UTC 2015


On Thu, 3 Sep 2015 00:32:05 -0700
Grant Ridder <shortdudey123 at gmail.com> wrote:

> Anyone know how wide the implementation of RFC2308
> <https://tools.ietf.org/rfc/rfc2308.txt> (Negative Caching of DNS
> Queries) is?  It appears Google and Level3 don't do this on their public
> DNS servers, however, Amazon EC2 dns servers do it.

Google does use negative caching. It may be hard to spot, because each
query to seems to go to a separate cache. From here in Beijing,
it looks like there are a half dozen or so resolvers operating, each
with separate TTL timers. In busy nodes, Google may run dozens of
resolvers (I have no idea, just guessing).

$ dig @ bogus.time-travellers.org
time-travellers.org.	599	IN	SOA	...
$ dig @ bogus.time-travellers.org
time-travellers.org.	599	IN	SOA     ...   # no negative cache
time-travellers.org.	595	IN	SOA     ... 
time-travellers.org.	593	IN	SOA     ...
time-travellers.org.	587	IN	SOA     ...
time-travellers.org.	592	IN	SOA     ...   # different cache
time-travellers.org.	570	IN	SOA     ...   # back to another

This could be mitigated somewhat by using multi-layer caches, but I
guess Google decided that it wasn't worth the complexity. (Just
guessing again.) I don't recall them publishing anything about this, so
I also don't know if this sort of architecture is based on science,
specific engineering principles, or just "whatever works". :)

As far as I know, negative caching is almost universally deployed.
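
[Added example, not part of the original message.] One way to tell separate caches apart in a run of samples like the one above is to compare the implied expiry time (query time plus remaining SOA TTL) of each negative answer. The helper names, the 2-second slack and the query times in SAMPLES are constructed for illustration; only the TTL values come from the output above.

```python
import re

# SOA line as dig prints it in the AUTHORITY section of a negative answer.
SOA_LINE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SOA\b")

def soa_ttl(dig_output):
    """Return (zone, ttl) from the first SOA line in dig output, or None."""
    for line in dig_output.splitlines():
        m = SOA_LINE.match(line.strip())
        if m:
            return m.group(1), int(m.group(2))
    return None

def group_by_cache(observations, slack=2):
    """Group (query_time, ttl) samples by implied expiry (query_time + ttl).

    Answers served from one cached negative entry count down together, so
    they share an expiry time give or take rounding. A fresh lookup or a
    different backend cache produces a different expiry.
    """
    groups = []  # each item: [expiry, [samples]]
    for t, ttl in observations:
        expiry = t + ttl
        for g in groups:
            if abs(g[0] - expiry) <= slack:
                g[1].append((t, ttl))
                break
        else:
            groups.append([expiry, [(t, ttl)]])
    return groups

def negative_cache_seen(groups):
    """True if any cache answered more than once from the same entry."""
    return any(len(samples) > 1 for _, samples in groups)

# Constructed query times (seconds since first query) paired with the
# TTLs shown in the message above.
SAMPLES = [(0, 599), (4, 595), (6, 593), (12, 587), (13, 592), (14, 570)]

if __name__ == "__main__":
    groups = group_by_cache(SAMPLES)
    for expiry, samples in groups:
        print(f"expiry t+{expiry}: {len(samples)} answer(s) {samples}")
    print("negative caching observed:", negative_cache_seen(groups))
```

With these constructed times the six answers fall into three groups, one of which answered four times from the same counting-down entry.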


