Authoritative Server - Referrals to root

Unlisted unlisted at gmail.com
Fri Apr 8 02:40:03 UTC 2005


Thanks for the answers guys - I appreciate it.

> As long as the customer still has the delegation pointing
> to you there is nothing wrong with serving the minimal zone.
> By NOT serving the zone that is delegated to you you are
> causing operational problems for yourself and every client
> that looks up the zone.

I'm more or less trying to plan for the future.  I've been nailed 2-3
times in the past month with zones that are delegated to us, but the
customer either does not know it, or they let the DNS expire and don't
really care what happens to the domain name.  Running DNSTOP shows
these non-existent zones are 4x the query rate than even our NS
records, which are usually at the top of the list.  See this few second
dnstop snippet for an example ... that top zone is non-existent, 20% of
the queries on our entire system are from that one alone.

3LD                                count      %
------------------------------ --------- ------
sbiztrade.net                       2024   20.3
ns2.changeip.com                     376    3.8
ns1.changeip.com                     369    3.7
ns3.changeip.com                     352    3.5
ns4.changeip.com                     342    3.4

These servers are authoritative only.  Would it help to add a wildcard
root SOA with no records and set the TTL for 30 seconds or something?
This way they at least get a result they can cache and quit coming back
to ask every millisecond of every day.  I know wildcards are risky and
have side effects, but I don't really want to 'manually' search for
non-existent zones and enter something for them every time they pop up.
Automation is the key to having free time to spend with your 5 year old
after work.

Thx
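
Added example, not part of the original post: one way to automate finding names that are still queried on an authoritative-only server but fall outside every zone it serves, given per-name query counts such as dnstop reports. The served-zone set, the total of 9970 queries, and the split of the sbiztrade.net count across two names are constructed for illustration.

```python
from collections import Counter

def enclosing_zone(qname, served):
    """Closest served zone that encloses qname, or None if we serve none.
    Matching is label-wise, so notchangeip.com does not match changeip.com."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in served:
            return candidate
    return None

def unserved_report(counts, served, total, min_share=0.05, depth=2):
    """Group queries for names outside every served zone by their last
    `depth` labels and return (name, count, percent) rows whose share of
    all queries is at least min_share. depth=2 is a simplification with
    no public-suffix awareness (assumption of this example)."""
    served = {z.lower().rstrip(".") for z in served}
    misses = Counter()
    for qname, n in counts:
        if enclosing_zone(qname, served) is None:
            labels = qname.lower().rstrip(".").split(".")
            misses[".".join(labels[-depth:])] += n
    return [(name, n, round(100.0 * n / total, 1))
            for name, n in misses.most_common() if n / total >= min_share]

# Constructed sample: the NS rows reuse the counts from the dnstop snippet;
# the sbiztrade.net count of 2024 is split across two names for illustration.
SERVED = {"changeip.com"}   # assumed set of zones configured on the server
COUNTS = [
    ("www.sbiztrade.net", 1500),
    ("sbiztrade.net", 524),
    ("ns2.changeip.com", 376),
    ("ns1.changeip.com", 369),
    ("ns3.changeip.com", 352),
    ("ns4.changeip.com", 342),
]
TOTAL = 9970                # assumed total queries in the sample window

if __name__ == "__main__":
    for name, n, pct in unserved_report(COUNTS, SERVED, TOTAL):
        print(f"{name:30} {n:9} {pct:6.1f}")
```

The rows it returns are candidates for whatever response is chosen for unserved delegations, such as the minimal zone suggested in the quoted reply.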


