[dns-operations] resolver cache question
Mark Allman
mallman at icir.org
Fri Nov 13 17:41:54 UTC 2020
Folks-
I just finished reading a paper that basically tries to figure out
if a hostname is worth caching or not [1]. This isn't the first
paper like this I have read. This sort of thing strikes me as a
solution in search of a problem. The basic idea is that there are
lots of hostnames that are automatically generated---for various
reasons---and only ever looked up one time. Then there is an
argument made that these obviously clog up resolver caches.
Therefore, if we can train a fancy ML classifier well enough to
predict these hostnames are ephemeral and will only be resolved the
once---because they are automatically generated and so have some
tells---then we can save cache space (and effort) by not caching
these.
- My first reaction to the notion of clogging the cache is always
to think that surely some pretty simple LFU/LRU eviction policy
could handle this pretty readily. But, that aside...
- I wonder how much this notion of caches getting clogged up
really happens. Could anyone help with a clue? How often do
resolvers evict entries before the TTL expires? Or, how much
over-provisioning of resolvers happens to accommodate such
records? I know resolver caching helps [2], but I always feel
like I really know nothing about it when I read papers like
this. Can folks help? Or, point me at handy references?
[1] https://www.sciencedirect.com/science/article/abs/pii/S1389128620312627
[2] https://www.icir.org/mallman/pubs/All20b/
Many thanks!
allman
--
https://www.icir.org/mallman/
@mallman_icsi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 220 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20201113/e7a075c9/attachment.sig>
More information about the dns-operations
mailing list