Excessive query by open DNS

Raul Lopez Nevot r.nevot at gmail.com
Wed Oct 8 20:13:36 UTC 2008


On Wed, Oct 8, 2008 at 9:53 AM, Scott Haneda <talklists at newgeo.com> wrote:
>
>  Why not return 127.0.0.1 for everything?
>>>
>>>  Think it's a good idea, and return it with very very high TTL. All DNSs
>> caching these values will help you to avoid this traffic.
>>
>
>
> I agree, and I will eventually.  As it stands now, openDNS is not playing
> by the rules as I know them.  If there is no record, they should look once,
> cache that response, and move on.  Certainly, they should not hit a server
> 100+ times in 3-4 seconds in succession.
>

OK,
I don't know about the internals of OpenDNS systems, but I think they
*should* ask for every request they have for your domain, and only return
their own IPs in case the host requested does not exist at this moment, and
return it with very low TTL.
Just tested now, and they return TTL 0 for non-existing domains.

Of course, I think they should not return their own IPs, just return
NXDOMAIN or so. But if they choose the wrong way and they return their IPs
in the non-existing case, the best way to return it is with TTL 0. And this
doesn't keep your DNS from getting thousands of requests. Maybe they are not
playing well, but not for not caching responses, because they shouldn't, but
for offering their IPs and not returning NXDOMAIN.

If you work around this by adding this domain and sending 127.0.0.1, for
example, with a very high TTL, they *will* cache the result, and yes, then
they will help you not to get such traffic.


> I have emailed them, and if I get any reply, I will post my results back
> here.
> --
>

Please do it   :-)

Regards
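
The caching argument in this message as a small simulation, added here as an example and not part of the original post: one resolver cache that honours TTLs receives 100 client lookups for a single name spread over 4 seconds, and the function counts how many of them reach the authoritative server. The single-cache model, the class and function names and the hostname are all assumptions made for illustration; nothing here describes OpenDNS internals.

```python
from dataclasses import dataclass


@dataclass
class Answer:
    rdata: str      # what the authoritative server returns, e.g. "127.0.0.1"
    ttl_s: int      # TTL in seconds attached to that answer


class Authoritative:
    """Stands in for the zone owner's name server; counts queries it receives."""
    def __init__(self, answer):
        self.answer = answer
        self.queries = 0

    def query(self, name):
        self.queries += 1
        return self.answer


class CachingResolver:
    """Simplified recursive resolver: reuse an answer until its TTL expires."""
    def __init__(self, upstream):
        self.upstream = upstream
        self.cache = {}                     # name -> (rdata, expiry in ms)

    def resolve(self, name, now_ms):
        hit = self.cache.get(name)
        if hit is not None and now_ms < hit[1]:
            return hit[0]                   # served from cache, no upstream query
        ans = self.upstream.query(name)
        if ans.ttl_s > 0:                   # TTL 0 means "do not cache"
            self.cache[name] = (ans.rdata, now_ms + ans.ttl_s * 1000)
        return ans.rdata


def upstream_queries(ttl_s, lookups=100, window_ms=4000,
                     name="nohost.example.test"):   # constructed hostname
    """Client lookups arrive evenly over the window; return the upstream count."""
    auth = Authoritative(Answer("127.0.0.1", ttl_s))
    resolver = CachingResolver(auth)
    step = window_ms // lookups
    for i in range(lookups):
        resolver.resolve(name, now_ms=i * step)
    return auth.queries


if __name__ == "__main__":
    for ttl in (0, 1, 86400):
        print(f"TTL {ttl:>5}s -> {upstream_queries(ttl)} queries to the authoritative server")
```

With TTL 0 every client lookup is forwarded, while a long TTL collapses the burst to a single upstream query per cache.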



