Authoritative Server - Referrals to root
Unlisted
unlisted at gmail.com
Fri Apr 8 02:40:03 UTC 2005
Thanks for the answers guys - I appreciate it.
> As long as the customer still has the delegation pointing
> to you there is nothing wrong with serving the minimal zone.
> By NOT serving the zone that is delegated to you you are
> causing operational problems for yourserlf and every client
> that looks up the zone.
I'm more or less trying to plan for the future. I've been nailed 2-3
times in the past month with zones that are delegated to us, but the
customer either does not know it, or they let the DNS expire and don't
really care what happens to the domain name. Running DNSTOP shows
these non-existant zones are 4x the query rate than even our NS
records, which are usually at the top of the list. See this few second
dnstop snippet for an example ... that top zone is non-existant, 20% of
the queries on our entire system are from that one alone.
3LD count %
------------------------------ --------- ------
sbiztrade.net 2024 20.3
ns2.changeip.com 376 3.8
ns1.changeip.com 369 3.7
ns3.changeip.com 352 3.5
ns4.changeip.com 342 3.4
These servers are authoritative only. Would it help to add a wildcard
root SOA with no records and set the TTL for 30 seconds or something?
This way they at least get a result they can cache and quit coming back
to ask every millisecond of every day. I know wildcards are risky and
have side effects, but I don't really want to 'manually' search for
non-existant zones and enter something for them every time they popup.
Automation is the key to having free time to with your 5 year old after
work.
Thx
More information about the bind-users
mailing list