[bind10-dev] About resolver Negative Cache Design
Shane Kerr
shane at isc.org
Tue Feb 22 13:55:38 UTC 2011
Michael,
On Fri, 2011-02-18 at 17:54 -0600, Michael Graff wrote:
> On 2011-02-18 5:51 PM, Jerry Scharf wrote:
> > Depending on the situation, I have seen 10-40% negative answers on
> > recursive servers. One survey respondent said he had 40% NXDOMs alone.
> > Others may have different numbers. So negative answers are very common
> > in the real world. This is also a reason why people want to add negative
> > entries that last more than 10 minutes (like forever.)
>
> They say they want that, then we get people who ask us why a name fails
> even when it has been changed in their DNS. Not everyone gets how
> negative caching works today. I would be very worried about a "forever"
> negative entry.
>
> How many of those NXDOMAIN entries were for AAAA records btw? I know
> those are usually NODATA/NOANSWER form of negative caching, but I wonder.
A lot of these may be for black-hole lookups (anti-spam stuff). Those
generate a lot of negative answers.
--
Shane
More information about the bind10-dev
mailing list