[bind10-dev] NSAS Using Authority/Additional Information?

Michal 'vorner' Vaner michal.vaner at nic.cz
Sat Nov 27 10:47:15 UTC 2010


Hello

On Fri, Nov 26, 2010 at 03:57:07PM -0800, Jerry Scharf wrote:
> Does the selection of the closest enclosing zone get made from data in 
> the rrset cache or from a separate data store? In all the systems I have 
> seen, the decision is made by looking into the cache directly. If so, 
> then you really don't need to keep hardly anything but the IP -> ttl 
> mapping for the selection code in the resolver. Just extract the IP list 
> by tracing the cache. It just seems to be easier from my simple minded 
> view to keep any piece of data in one place. The cache has to have all 
> the TTL management code in it already, why reproduce or partially 
> reproduce it?

By the closest enclosing zone you mean travelling through the referrals until you
know the name of the zone you want to use? That will be the task of the resolver
which will find the referrals in cache or request them.

However, currently the idea is to give NSAS only the name of the zone. The way
it keeps its own data structures, they can be richer, have callbacks on zones,
nameservers, wait for answers, keep at most 2 outstanding requests for IP
addresses per zone, etc. That way it needs to know a little about TTL. And,
directly looking into the cache is hard when it comes to cnames, dnames, etc. We
want to use the resolver for that task. And the resolver part will be easier if
it will not need to scan the cache to find which IP addresses are fetched
already, which are not. And traversing (and possibly parsing the NS, A and AAAA
records) each time seems like a worse idea than just having pointers to the
objects holding already parsed addresses and their RTTs.

But when the TTL expires, we need to ask the resolver again. The whole logic is
comparing time with saved expiration time, so it is not much of a problem. And
deleting of RTT might be solved by only marking the entry as expired (in which
case it will not return any addresses) and asking the resolver again. When the
answer arrives, it is simply rebuilt, using the old RTTs for addresses that are
the same (well, it doesn't yet, it isn't written, but it shouldn't be that
hard).

With regards

-- 
Work with computer has 2 phases. First, computer waits for the user to tell it what 
to do, then the user waits for the computer to do it. Therefore, computer work 
consists mostly of waiting.

Michal 'vorner' Vaner
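
The expire-and-rebuild behaviour described in the last paragraph of the message above, as an added sketch that is not part of the original post or of the BIND 10 code base. `ZoneEntry`, `AddressEntry` and their members are hypothetical names, and the addresses are constructed sample data.

```cpp
// Added illustration; all names here are hypothetical, not BIND 10 NSAS code.
#include <cstdint>
#include <ctime>
#include <map>
#include <string>
#include <vector>

struct AddressEntry {
    std::string ip;
    uint32_t rtt_ms;   // measured round-trip time; 0 = not yet measured
};

class ZoneEntry {
public:
    // Install a fresh answer from the resolver. RTTs are carried over for
    // addresses that were also in the previous (possibly expired) set.
    void rebuild(const std::vector<std::string>& ips, time_t now, uint32_t ttl) {
        std::map<std::string, uint32_t> old_rtt;
        for (const AddressEntry& a : addrs_) old_rtt[a.ip] = a.rtt_ms;
        addrs_.clear();
        for (const std::string& ip : ips) {
            auto it = old_rtt.find(ip);
            addrs_.push_back({ip, it == old_rtt.end() ? 0u : it->second});
        }
        expires_ = now + ttl;
    }
    void recordRtt(const std::string& ip, uint32_t rtt_ms) {
        for (AddressEntry& a : addrs_) if (a.ip == ip) a.rtt_ms = rtt_ms;
    }
    // Expiry is only a comparison against the saved expiration time.
    bool expired(time_t now) const { return now >= expires_; }
    // An expired entry returns no addresses, so stale data is never handed
    // out; the caller asks the resolver again and calls rebuild().
    std::vector<AddressEntry> usable(time_t now) const {
        return expired(now) ? std::vector<AddressEntry>() : addrs_;
    }
private:
    std::vector<AddressEntry> addrs_;
    time_t expires_ = 0;
};

int main() {
    ZoneEntry z;
    z.rebuild(std::vector<std::string>(1, "192.0.2.1"), 1000, 300);
    z.recordRtt("192.0.2.1", 42);
    return z.usable(1300).empty() ? 0 : 1;   // TTL ran out at t=1300
}
```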