[dns-operations] Full-service resolver - Pending Upstream Query behaviour

Paul Ebersman list-dns-operations at dragon.net
Tue Oct 5 20:23:30 UTC 2021


fneves> I would like to start a discussion or to hear implenters and
fneves> operators of Full-service resolvers on what would be the best
fneves> software architecture or best current configuration practice to
fneves> handle a traffic pattern when a very popular name enters a
fneves> scenario were all the auth-servers are timing-out or network
fneves> unreachable.

vcunat> I'm not sure if there can be *one* BCP way.

Definitely would need to be more a bag of tricks that operators can
mix/match based on their actual environment, customer base, etc.

Paid vs free probably have different concerns and obligations.

Folks with lots of smaller sites with lower qps rates per server vs
folks with a few much larger sites will have different pain points and
remediations.

I'd suspect that there are very few things that are always a good idea
for everyone everywhere.

I think there is value in discussing what zone/RRset timers, cache
sharing, stale serve, response rate limiting and other things are
already out there, issues/benefits and what gaps aren't being currently
well addressed.

Might eventually make a good RFC too.



More information about the dns-operations mailing list