[dns-operations] Usage of dns query negative cache
Kumar Ashutosh
Kumar.Ashutosh at microsoft.com
Thu Sep 3 11:31:21 UTC 2015
Windows DNS Servers do implement neg. caching!
Thanks
Ashu
Program Manager | Windows Networking| DNS & SDN|
-----Original Message-----
From: dns-operations [mailto:dns-operations-bounces at dns-oarc.net] On Behalf Of Shane Kerr
Sent: Thursday, September 3, 2015 14:22
To: dns-operations at dns-oarc.net
Subject: Re: [dns-operations] Usage of dns query negative cache
Grant,
On Thu, 3 Sep 2015 00:32:05 -0700
Grant Ridder <shortdudey123 at gmail.com> wrote:
> Anyone know how wide the implementation of RFC2308
> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftool
> s.ietf.org%2frfc%2frfc2308.txt&data=01%7c01%7caskuma%40064d.mgd.micros
> oft.com%7c5431109aa53f43cccb0708d2b43e9c6f%7c72f988bf86f141af91ab2d7cd
> 011db47%7c1&sdata=nMQ1zrc%2b9sLivxyFUFmcxCEnk85bsDKXMlFL9JXxkiw%3d>
> (Negative Caching of DNS
> Queries) is? It appears Google and Level3 don't do this on their
> public DNS servers, however, Amazon EC2 dns servers do it.
Google does use negative caching. It may be hard to spot, because each query to 8.8.8.8 seems to go to a separate cache. From here in Beijing, it looks like there are a half dozen or so resolvers operating, each with separate TTL timers. In busy nodes, Google may run dozens of resolvers (I have no idea, just guessing).
$ dig @8.8.8.8 https://na01.safelinks.protection.outlook.com/?url=bogus.time-travellers.org&data=01%7c01%7caskuma%40064d.mgd.microsoft.com%7c5431109aa53f43cccb0708d2b43e9c6f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=s0ZJFJ25%2f09SVqBUl%2fYPBCRhgbMM5rOZTTkhCbfA68c%3d
time-travellers.org. 599 IN SOA ...
$ dig @8.8.8.8 https://na01.safelinks.protection.outlook.com/?url=bogus.time-travellers.org&data=01%7c01%7caskuma%40064d.mgd.microsoft.com%7c5431109aa53f43cccb0708d2b43e9c6f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=s0ZJFJ25%2f09SVqBUl%2fYPBCRhgbMM5rOZTTkhCbfA68c%3d
time-travellers.org. 599 IN SOA ... # no negative cache
...
time-travellers.org. 595 IN SOA ...
time-travellers.org. 593 IN SOA ...
time-travellers.org. 587 IN SOA ...
time-travellers.org. 592 IN SOA ... # different cache
time-travellers.org. 570 IN SOA ... # back to another
This could be mitigated somewhat by using multi-layer caches, but I guess Google decided that it wasn't worth the complexity. (Just guessing again.) I don't recall them publishing anything about this, so I also don't know if this sort of architecture is based on science, specific engineering principles, or just "whatever works". :)
As far as I know, negative caching is almost universally deployed.
Cheers,
--
Shane
_______________________________________________
dns-operations mailing list
dns-operations at lists.dns-oarc.net
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-operations&data=01%7c01%7caskuma%40064d.mgd.microsoft.com%7c5431109aa53f43cccb0708d2b43e9c6f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=3mjL%2fg06849%2be6HEIPodX%2fGgPZLPHAsc52uxGXXNHz8%3d
dns-jobs mailing list
https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-jobs&data=01%7c01%7caskuma%40064d.mgd.microsoft.com%7c5431109aa53f43cccb0708d2b43e9c6f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=8DLurFVJUJhY0sqOMa6AglLEbZf0uIKkPd4N%2b%2fD%2bIsI%3d
More information about the dns-operations
mailing list