BIND this easy to DOS? (nobody?)
Barry Margolin
barmar at alum.mit.edu
Sat Jan 14 17:07:23 UTC 2006
In article <dqavbp$2n85$1 at sf1.isc.org>,
John Little <jlittle_97 at yahoo.com> wrote:
> > > I believe named caches 'lame servers'? Why does it not cache
> > > unreachable servers?
>
> It does. From DNS and Bind 4th Ed: Since 4.9 all Bind servers implement
> negative caching. If an authoritative name server responds to a query
> that says the domain name or datatype doesn't exist, the name server
> temporarily caches that information too.
>
> and further on:
> Name servers can't cache data forever so the administrator must decide
> on a TTL for the zone. A small ttl creates lots of queries but ensures
> consistency while a large ttl reduces queries but may not be as
> consistent.
>
> All of the above was paraphrased from the book.

Neither of those paragraphs addresses the problem the OP wrote about.
He's not getting *any* response from the nameservers, so there's no
negative response to cache.

I believe he's absolutely correct. BIND doesn't cache the fact that a
particular server is non-responsive, so that it shouldn't bother trying
to query it at all.

--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***