[dns-operations] More Aggressive prefetch for popular names

Davey Song songlinjian at gmail.com
Sat Apr 6 17:14:27 UTC 2019


Thanks bert, Fred and Florian for your comments. I think I may not make the
problem statement clear in my first mail.

The target issue here is the outage of popluar names during the TTL
(usually hours). The authoritative servers can react the first time when
outage is spotted for example misconfiguration, cache poisoning or other
issue can be resolved by refreshing the cache of resolver. Users of large
population will be affected until TTL expired. Normally the resolver
operators are not aware the problem until the affected users or the popular
name owners call in. Populer names may be google.com, facebook.com,
twitter.com, qq.com,etc.

I heard this issue from a popular name owner in China. I would ask is it a
typical and commen problem for other popular names. Is there any existing
solution or work around for this kind of problem.

Best regards,
Davey


On Sat, 6 Apr 2019 at 23:06, bert hubert <bert.hubert at powerdns.com> wrote:

> On Fri, Apr 05, 2019 at 09:19:27AM +0800, Davey Song(宋林健) wrote:
> > I’m writing to ask if any resolver operator is doing or be asked to do
> > aggressive pre-fetch for popular names in the case of urgent changes of
> > owners’ names.
>
> So why would anyone want to prefetch popular names? You get a lot of hits
> already while the TTL expires. Preventing that one cache miss does not get
> you a lot of gain on aggregate. It appears that the benefit of prefetching
> is concentrated among 'moderately popular domains'.
>
> If a popular name with a low TTL has a slow / unreliable set of
> authoritative servers, why paper over that? They can either raise their TTL
> or fix their servers.
>
> In general, I don't think resolvers should be bending over backwards to fix
> suboptimal authoritative server configurations.
>
> Also, users can definitely deal with a 10 millisecond cache miss.
>
> Writing a correct resolver is already super hard. The recent 'windows
> update' outage showed that doing prefetching is not easy.
>
>     Bert
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations
> <https://lists.dns-oarc.net/mailman/listinfo/dns-operationsdns-operations>
> mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190407/76fb3136/attachment.html>


More information about the dns-operations mailing list