bind caching data from additional section in responses
btb at bitrate.net
Sun Oct 9 00:36:29 UTC 2016
On Oct 07, 2016, at 05.44, Tony Finch <dot at dotat.at> wrote:
>
> ben thielsen via bind-users <bind-users at lists.isc.org> wrote:
>>
>> zone "example.com" {
>>     type stub;
>>     masters {
>>         "example.com" ;
>>     };
>> };
>>
>> masters "example.com" {
>>     192.168.81.50 ;
>> };
>
> If you want a fixed set of master servers for a zone, use static-stub.

aha, this seems to have worked.

>> is my perception accurate? is bind caching the data it got back in the
>> additional section, for a name outside of the queried zone? if so, why?
>
> See RFC 2181 section 5.4.1 on trustworthiness ranking of DNS data.
>
> BIND needs to cache referrals in order to be able to find the servers for
> follow-up queries (including when it is completing the current query!).
> It doesn't pro-actively check the authoritative servers to get more
> trustworthy versions of the referral records.

thanks for taking the time to summarize this. i sort of have mixed feelings, a little bit, about that degree of trust in additional data, but i get the rationale.

-ben
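
Added example, not part of the original thread and not BIND's own code: a small model of the RFC 2181 section 5.4.1 ranking discussed above, showing additional-section data being cached for follow-up queries, withheld from client answers, and protected from overwriting better-ranked data. The class and function names and the sample addresses are constructed for illustration, and replacing on equal rank is an assumption of this sketch.

```python
from enum import IntEnum

class Trust(IntEnum):
    # RFC 2181 section 5.4.1, least to most trustworthy. Zone-file,
    # zone-transfer and glue ranks are omitted: this models a resolver cache.
    ADDITIONAL = 1        # additional section; authority of non-auth answer
    ANSWER_NONAUTH = 2    # answer section of a non-authoritative answer
    AUTHORITY_AUTH = 3    # authority section of an authoritative answer
    ANSWER_AUTH = 4       # answer section of an authoritative answer

class RankedCache:                # hypothetical name, for illustration only
    def __init__(self):
        self._rrsets = {}         # (name, rtype) -> (Trust, tuple of rdata)

    def store(self, name, rtype, rdata, trust):
        """Cache an RRset unless a more trustworthy copy is already held."""
        key = (name.lower(), rtype)
        held = self._rrsets.get(key)
        if held is not None and held[0] > trust:
            return False          # keep the better-ranked data
        self._rrsets[key] = (trust, tuple(rdata))
        return True

    def for_followup(self, name, rtype):
        """Internal use: addresses for contacting a name server."""
        held = self._rrsets.get((name.lower(), rtype))
        return held[1] if held else None

    def answer(self, name, rtype):
        """Client-facing: lowest-ranked data is never returned as an answer."""
        held = self._rrsets.get((name.lower(), rtype))
        if held is None or held[0] == Trust.ADDITIONAL:
            return None           # a real resolver would go and query for it
        return held[1]

def demo():
    cache = RankedCache()
    ns = "ns1.example.net"        # constructed: server name outside example.com
    log = [cache.store(ns, "A", ["192.0.2.53"], Trust.ADDITIONAL),
           cache.for_followup(ns, "A"), cache.answer(ns, "A")]
    log.append(cache.store(ns, "A", ["198.51.100.53"], Trust.ANSWER_AUTH))
    log.append(cache.store(ns, "A", ["192.0.2.66"], Trust.ADDITIONAL))
    log.append(cache.answer(ns, "A"))
    return log

if __name__ == "__main__":
    print(demo())
```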