[Question] Question about negative answers from the cache of BIND9

Kevin Darcy kcd at daimlerchrysler.com
Mon Dec 19 22:59:40 UTC 2005 

Barry Margolin wrote:

>In article <dnve24$2p4n$1 at sf1.isc.org>,
> Kevin Darcy <kcd at daimlerchrysler.com> wrote:
>
>  
>
>>Hideshi Enokihara wrote:
>>    
>>
>>>RFC2308 6 - Negative answers from the cache says,
>>>
>>>  As with all answers coming from the cache, negative answers SHOULD
>>>  have an implicit referral built into the answer.  This enables the
>>>  resolver to locate an authoritative source.  An implicit referral is
>>>  characterised by NS records in the authority section referring the
>>>  resolver towards a authoritative source.
>>>
>>>This sentence means that DNS server should include NS record in the 
>>>authority section
>>>when DNS server send the negative answer from the cache, right?
>>>
>>>But, DNS Server1(BIND9) does not include NS record in the authority section 
>>>at step6.
>>>Why does not includ NS record in the authority section when BIND9 send the 
>>>negative answer from the cache?
>>>
>>>I think this BIND9's behavior does not follow the RFC.
>>>How do you think?
>>>
>>>      
>>>
>>Well, a SHOULD is not the same as a MUST, so there is technically no RFC 
>>violation here.
>>
>>However, as the reference implementation for DNS, my curiosity is piqued 
>>as to why BIND, of all implementations, would opt for default behavior 
>>that contravenes a SHOULD from the relevant RFC.
>>    
>>
>
>I don't think it really matters.  In practice, clients that query a 
>caching server will never query the authoritative servers directly.  So 
>they would never use the NS records if they were sent.
>
I agree with that _in_the_general_case_, but what about a "forward 
first" setup though? The client in that case might want as many NS 
record sets to cache as reasonably possible, so that it can be "ready to 
go" if the forwarder(s) suddenly became unavailable, i.e. it wouldn't 
have to build up its cache from scratch.

Seems like this should be at least configurable, if not the default 
behavior in accordance with the RFC's SHOULD.

                                                                         
                                                                - Kevin

More information about the bind-users mailing list