bind caching data from additional section in responses

Tony Finch dot at dotat.at
Fri Oct 7 09:44:37 UTC 2016


ben thielsen via bind-users <bind-users at lists.isc.org> wrote:
>
> zone "example.com" {
> 	type stub;
> 	masters {
> 		"example.com" ;
> 	};
> };
>
> masters "example.com" {
> 	192.168.81.50 ;
> };

If you want a fixed set of master servers for a zone, use static-stub.

A stub zone works a bit like the root hints: it will update its idea of
where the authoritative servers are based on responses from the network.

> is my perception accurate?  is bind caching the data it got back in the
> additional section, for a name outside of the queried zone?  if so, why?

See RFC 2181 section 5.4.1 on trustworthiness ranking of DNS data.

BIND needs to cache referrals in order to be able to find the servers for
follow-up queries (including when it is completing the current query!).
It doesn't pro-actively check the authoritative servers to get more
trustworthy versions of the referral records.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Biscay: East backing north 3 or 4. Moderate. Fair. Good.


More information about the bind-users mailing list