question about caching of lame servers

Klaus Darilion klaus.mailinglists at pernau.at
Mon Oct 16 09:47:50 UTC 2006


Hi Tatuya!

Thanks for your answers.

JINMEI Tatuya / 神明達哉 wrote:
>> Further, I not only want to cache lame name servers, but also name 
>> servers which are down. Is this possible?
> 
> Not exactly, but the fact that a server is down is cached as
> a penalized RTT, which makes that server less preferred in subsequent
> server selection.

Penalized RTT works fine if at least one authoritative name server is 
working, but if all authoritative name servers are down, then this is no 
help.

Maybe I should describe the cause of my question. I am using openser as 
a SIP proxy. openser is multi-threaded (fixed number of threads) and uses 
libresolv for domain resolving. Thus, if openser resolves a domain with 
broken name servers (either by network problems or by intention (DoS 
attack)), openser's thread is busy until a timeout happens.

This can be easily used to make a DoS attack. Probably the best solution 
would be to use asynchronous DNS in openser, but this will not be 
implemented soon.

Do you know a solution to solve this problem in the recursive name server?


regards
klaus
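
Added example, not part of the original post and not code from openser or BIND: one way an application with a fixed worker pool could remember domains whose lookups failed, so that repeated requests for the same domain are refused at once instead of blocking a worker for the full resolver timeout. The names guarded_resolve, resolve_fn, neg_cache, NEG_SLOTS and NEG_TTL are hypothetical, the 30 second value is an assumption, and the stub resolvers are constructed stand-ins for the blocking libresolv call.

```c
#include <string.h>
#include <time.h>

#define NEG_SLOTS 64
#define NEG_TTL   30  /* assumed: seconds a failed domain is remembered */

/* Hypothetical callback wrapping the blocking lookup (e.g. a libresolv call):
   returns 0 on success, -1 when the lookup failed or timed out. */
typedef int (*resolve_fn)(const char *domain);

struct neg_entry { char domain[256]; time_t expires; };
/* One cache per worker thread, zero-initialised, so no locking is needed. */
struct neg_cache { struct neg_entry slot[NEG_SLOTS]; };

static unsigned slot_for(const char *d) {
    unsigned h = 5381;
    while (*d) h = h * 33u + (unsigned char)*d++;
    return h % NEG_SLOTS;
}

/* 0 = resolved, -1 = lookup failed after blocking, -2 = refused at once
   because the same domain failed less than NEG_TTL seconds ago. */
int guarded_resolve(struct neg_cache *c, const char *domain,
                    resolve_fn resolve, time_t now) {
    struct neg_entry *e = &c->slot[slot_for(domain)];
    if (e->expires > now && strcmp(e->domain, domain) == 0)
        return -2;                       /* fail fast, worker stays free */
    if (resolve(domain) == 0)
        return 0;
    strncpy(e->domain, domain, sizeof e->domain - 1);
    e->domain[sizeof e->domain - 1] = '\0';
    e->expires = now + NEG_TTL;          /* remember the failure */
    return -1;
}

/* Constructed stand-ins for the resolver, for demonstration only. */
static int stub_calls;
int stub_down(const char *d) { (void)d; stub_calls++; return -1; }
int stub_up(const char *d)   { (void)d; stub_calls++; return 0; }
```

The first lookup of a failing domain in each NEG_TTL window still blocks for the resolver timeout; the cache only bounds how often that happens per worker.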
