<div dir="ltr">what types of authoritative data are they in .de zone? For what? Does it comply with dns standards?</div><div class="gmail_extra"><br><br><div class="gmail_quote">2014-03-26 22:13 GMT+08:00 Peter Koch <span dir="ltr"><<a href="mailto:pk@denic.de" target="_blank">pk@denic.de</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">On Wed, Mar 26, 2014 at 08:22:03PM +0800, ?????? wrote:<br>
<br>
> this case, the recusor does not know whether there are other domain names<br>
> related to test.tld, like b.a.test.tld, <a href="http://b.test.cn" target="_blank">b.test.cn</a> and <a href="http://c.b.test.cn" target="_blank">c.b.test.cn</a>, so that<br>
> next time it should query the tld again when it receives queries for such<br>
> domain names. Consequencely, If a ddos flood of random third-level domain<br>
> names hits the recusors, the flood also be redirected to the the tld the<br>
> domain names belong to.<br>
<br>
</div>this sounds like an attempt to extend the resolver's negative caching<br>
in a way that sometimes has been called "aggressive negative caching".<br>
<div class=""><br>
> I want to know whether there other types of data except delegation data.<br>
<br>
</div>DE definitely has authoritative data in the TLD zone itself, at the second<br>
and deeper levels, including "empty non terminals". For a remotely<br>
related discussion, you may want to look for "delegation only" in the<br>
BIND archives.<br>
<div class=""><br>
> If there are only delegation data in tld some servers , the recursors<br>
> should send less unnessary queries to tld servers when they receive a large<br>
> of queries for a random third-level domain names. As a result, the tld<br>
> servers escape from the disasters.<br>
<br>
</div>While that's a laudable goal, basing the resolvers' behaviour on assumptions<br>
made about particular zones in the tree makes me a bit nervous. In your example<br>
above, you could ask for the delegation for "<a href="http://test.cn" target="_blank">test.cn</a>" explicitly, but that's<br>
already a questionable deviation from protocol reality (Stephane's draft<br>
"draft-bortzmeyer-dns-qname-minimisation-01.txt" nonwithstanding).<br>
<span class="HOEnZb"><font color="#888888"><br>
-Peter<br>
<br>
--<br>
Peter Koch | | <a href="mailto:pk@DENIC.DE">pk@DENIC.DE</a><br>
DENIC eG | | +49 69 27235-0<br>
Kaiserstraße 75-77 | |<br>
60329 Frankfurt am Main | | <a href="http://www.DENIC.DE" target="_blank">http://www.DENIC.DE</a><br>
-------------------------------------------------------------------------<br>
Eingetr. Nr. 770 im Genossenschaftsregister Amtsgericht Frankfurt am Main<br>
Vorstand: Helga Krüger, Carsten Schiefner, Dr. Jörg Schweiger<br>
Vorsitzender des Aufsichtsrats: Thomas Keller<br>
</font></span></blockquote></div><br></div>