[dns-operations] resolver cache question

John Levine johnl at taugh.com
Fri Nov 13 19:05:52 UTC 2020

In article <2727165C-BF4C-49D8-B45F-8FFCB5A3C20F at icir.org> you write:
>I just finished reading a paper that basically tries to figure out
>if a hostname is worth caching or not [1]. ...

I can't give you a direct answer but the same question arose a while
back when we were thinking about DNSBLs for IPv6 addresses. The
obvious approach is a variant of rDNS so every IP address corresponds
to a different DNSBL name, and it occurred to us that someone trying
to avoid filtering could hop to a different IP address for every
message, causing a whole lot of one-time DNS lookups. I came up with a
different design that more or less published a B-tree of IP CIDR
ranges in the DNS, so all lookups within the same range would reuse
the same answer.

I did some modelling and the answer was a loud who cares. Even with
IPv4 addresses about half of DNSBL lookups are never reused, and it's
never been a problem. The only papers I could find on DNS cache
performance were very old, back in the day when a megabyte was a whole
lot of memory.

I agree that this is indeed a non-problem. To the extent that it is a
problem, the random names come from a small set of actors (Google
Chrome, we're looking at you) and if you care, you're better off with
special cases for the known problem makers.
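As an added illustration (not code from John Levine's message or from any real DNSBL), the following Python model compares the two naming schemes he contrasts: one query name per address versus one name per CIDR block, which is a simplification of the B-tree-of-ranges idea. The zone `dnsbl.example`, the /24 block size and the traffic stream (two repeat senders plus one sender hopping to a fresh address in 203.0.113.0/24 for every message) are all constructed assumptions.

```python
import ipaddress
from collections import Counter

ZONE = "dnsbl.example"  # constructed placeholder zone, not a real DNSBL

def per_address_name(ip: str) -> str:
    """Conventional rDNS-style DNSBL name: one query name per IPv4 address."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + ZONE

def range_name(ip: str, prefix: int = 24) -> str:
    """Hypothetical range-based name: every address in one /prefix block
    maps to the same query name, so the whole block shares one cache entry."""
    net = ipaddress.IPv4Network((ip, prefix), strict=False)
    octets = str(net.network_address).split(".")
    return f"{prefix}." + ".".join(reversed(octets)) + "." + ZONE

def cache_stats(names: list[str]) -> dict:
    """Model an initially empty resolver cache with unbounded TTL: the first
    sighting of a name is a miss that creates an entry, later sightings hit."""
    counts = Counter(names)
    lookups, entries = len(names), len(counts)
    never_reused = sum(1 for c in counts.values() if c == 1)
    return {
        "lookups": lookups,
        "cache_entries": entries,
        "hit_rate": (lookups - entries) / lookups,
        "never_reused_fraction": never_reused / entries,
    }

def constructed_lookup_stream() -> list[str]:
    """Constructed sample traffic: two ordinary senders that repeat, plus one
    sender that hops to a fresh address in 203.0.113.0/24 for every message."""
    stream = ["192.0.2.10"] * 50 + ["198.51.100.5"] * 30
    stream += [f"203.0.113.{host}" for host in range(1, 201)]
    return stream

def compare_schemes(ips: list[str]) -> dict:
    """Run the same lookup stream through both naming schemes."""
    return {
        "per_address": cache_stats([per_address_name(ip) for ip in ips]),
        "per_24_range": cache_stats([range_name(ip) for ip in ips]),
    }

if __name__ == "__main__":
    for scheme, stats in compare_schemes(constructed_lookup_stream()).items():
        print(scheme, stats)
```

With the constructed stream, the per-address scheme creates 202 cache entries of which 200 are never reused, while the /24 scheme needs only 3 entries for the same 280 lookups.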

