[dns-operations] OpenDNS, Google, Nominet - New delegation update failure mode

Puneet Sood puneets at google.com
Wed Nov 18 05:38:28 UTC 2020


On Mon, Nov 16, 2020 at 7:09 PM Doug Barton <dougb at dougbarton.email> wrote:
>
> Puneet, or anyone else at Google, are there publicly available
> references to this configuration choice? Web searches have all returned
> pages of generic discussion about parent/child config. I'm having a
> discussion with some colleagues and it would be helpful to reference
> something official.

For Google Public DNS, the public mention of parent centric behavior
is at https://developers.google.com/speed/public-dns/docs/troubleshooting/domains#delegation.
It does not provide detailed information about the implementation.
This is not a configuration option - this is the only way our resolver
service works. Other key points:
* we maintain a separate delegation cache; distinct from the response cache
* user queries for NS records result in queries to nameservers for the
zone and return NS RRs from the zone and are cached in response cache

Note that the delegation cache behavior is subject to change as we
improve our implementation and review
https://datatracker.ietf.org/doc/draft-ietf-dnsop-ns-revalidation/.

-Puneet

>
> If anyone from Nominet, or Knot, or other folks who referenced that
> their software is also parent-centric have references, that would be
> helpful as well.
>
> Best regards,
>
> Doug
>
> On 2020-04-02 13:12, Puneet Sood wrote:
> > Hi Doug,
> >
> > Google Public DNS resolution is working now.
> >
> > Google Public DNS is “parent-centric”—meaning that it only uses the
> > name servers that are returned in the referral responses from the
> > parent zone name servers, and does not make NS queries to this child
> > zone. So updating the parent delegation to include both NS sets will
> > help with Google Public DNS resolution.
> >
> > -Puneet




More information about the dns-operations mailing list