NS Cache

Barry Margolin barmar at alum.mit.edu
Wed Jan 26 05:58:04 UTC 2011 

In article <mailman.1499.1296009856.555.bind-users at lists.isc.org>,
 pyh at mail.nsbeta.info wrote:

> I'm reading the document "Secure DNS Deployment Guide" got from the URL a 
> poster gave in the list. 
> 
> The document said: 
> 
> When a user types the URL www.example.com into a Web browser, the browser 
> program contacts a type of resolver called a stub resolver that then 
> contacts a local name server (called a recursive name server or resolving 
> name server). The resolving name server will check its cache to determine 
> whether it has valid information (the information is determined to be valid
> on the basis of criteria described later in this document) to provide IP 
> address for the accessed Internet resource 
> (i.e.,www.marketing.example.com). If not, the resolving name server checks 
> the cache to determine whether it has the information regarding the name 
> server for the zone marketing.example.com (since this is the zone that is 
> expected to contain the resource www.marketing.example.com). If the name 
> server!ˉs IP address is in the cache, the resolver!ˉs ne query will be 
> directed against that name server. If the IP address of the name server of 
> marketing.example.com is not available in the cache, the resolver 
> determines whether it has the name server information for a zone that is 
> one level higher than marketing.example.com (i.e., example.com). If the 
> name server information for example.com is not available, the next search 
> will be for the name server of the .com zone in the cache. 
> 
> 
> I think the statement below is wrong? 
> 
> > If not, the resolving name server checks the cache to determine whether it 
> > > has the information regarding the name server for the zone 
> > marketing.example.com (since this is the zone that is expected to contain > 
> > the resource www.marketing.example.com). 
>  
> 
> How does the resolver know www.marketing.example.com is a domain name or a 
> zone? www.marketing.example.com can also be a zone which has valid NS 
> records. So I was thinking the resolver shall check the cache firstly to 
> see whether it has the NS records for the zone www.marketing.example.com, 
> if not, then to check the NS for marketing.example.com. Am I right? 
> 
> Regards.

You're correct.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list