[dns-operations] resolver cache question

John Levine johnl at taugh.com
Fri Nov 13 19:05:52 UTC 2020


In article <2727165C-BF4C-49D8-B45F-8FFCB5A3C20F at icir.org> you write:
>Folks-
>
>I just finished reading a paper that basically tries to figure out
>if a hostname is worth caching or not [1]. ...

I can't give you a direct answer but the same question arose a while
back when we were thinking about DNSBLs for IPv6 addresses. The
obvious approach is a variant of rDNS so every IP address corresponds
to a different DNSBL name, and it occurred to us that someone trying
to avoid filtering could hop to a different IP address for every
message, causing a whole lot of one-time DNS lookups. I came up with a
different design that more or less published a B-tree of IP CIDR
ranges in the DNS, so all lookups within the same range would reuse
the same answer.

I did some modelling and the answer was a loud who cares. Even with
IPv4 addresses about half of DNSBL lookups are never reused, and it's
never been a problem. The only papers I could find on DNS cache
performance were very old, back in the day when a megabyte was a whole
lot of memory.

I agree that this is indeed a non-problem. To the extent that it is a
problem, the random names come from a small set of actors (Google
Chrome, we're looking at you) and if you care, you're better off with
special cases for the known problem makers.

R's,
John
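A small model of the cache-reuse argument in the reply above, added here as an illustration and not John's actual design or code: it compares rDNS-style per-address DNSBL names with names keyed on the enclosing CIDR range (a simplified stand-in for the B-tree of ranges), assuming a hypothetical zone `dnsbl.example`, nibble-aligned prefixes, and a constructed lookup stream.

```python
"""Cache-reuse model for two DNSBL naming schemes: one name per IP
address (rDNS style) versus one name per CIDR range. Illustration only;
the range scheme is a simplified stand-in for a B-tree of ranges."""
import ipaddress
from collections import Counter

ZONE = "dnsbl.example"  # hypothetical list zone, not a real DNSBL


def per_address_name(ip: str) -> str:
    """rDNS-style query name: a distinct name for every address."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))  # in-addr.arpa style octets
    else:
        labels = reversed(addr.packed.hex())     # ip6.arpa style nibbles
    return ".".join(labels) + "." + ZONE


def range_name(ip: str, prefix_len: int) -> str:
    """Range-keyed query name: every address in the same nibble-aligned
    CIDR block maps to one name, so the resolver cache answers later
    addresses in that block. Because the labels are reversed, a /48 name
    is the DNS parent of the /64 names under it, so ranges nest."""
    if prefix_len % 4:
        raise ValueError("prefix length must be nibble aligned")
    net = ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)
    nibbles = net.network_address.packed.hex()[: prefix_len // 4]
    return ".".join(reversed(nibbles)) + "." + ZONE


def cache_reuse(ips, name_fn):
    """Model a resolver cache over a stream of lookups. Returns the number
    of distinct names (each costs one cache miss) and the fraction of
    lookups answered from cache, assuming no entry expires meanwhile."""
    names = [name_fn(ip) for ip in ips]
    distinct = len(Counter(names))
    return distinct, 1 - distinct / len(names)


# Constructed stream: a sender hopping through addresses inside one /64,
# one repeated address, and a single lookup from an unrelated /64.
SAMPLE_LOOKUPS = [
    "2001:db8:1:2::1", "2001:db8:1:2::2", "2001:db8:1:2::3",
    "2001:db8:1:2::4", "2001:db8:1:2::1", "2001:db8:ffff::9",
]

if __name__ == "__main__":
    print("per-address:", cache_reuse(SAMPLE_LOOKUPS, per_address_name))
    print("per-/64:", cache_reuse(SAMPLE_LOOKUPS, lambda ip: range_name(ip, 64)))
```

On the constructed stream the per-address scheme answers one lookup in six from cache, while the /64-keyed scheme answers four in six; whether that matters in practice is exactly the "who cares" question the reply raises.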


