Survey - how many people running ISP nameservers define "minimal-responses" - was Re: What is the deal on missing "Authority Section" and "additional section" from google's DNS servers?

Ted Mittelstaedt tedm at ipinc.net
Wed Jul 11 18:26:03 UTC 2012 

Great answers to my question, thanks!

So now, what do you guys all run?

I have always followed the principle of "provide the most information
possible and let the users decide what to ignore" which is why I never
gave a second thought to providing additional data.

But if as Warren said:

"...Many things (correctly (IMO)) ignore the info in additional section 
due to past entertainment with cache poising, etc...."

then what would be best practices for an ISP?

Ted

On 7/11/2012 8:03 AM, Warren Kumari wrote:
>
> On Jul 11, 2012, at 6:30 AM, Ted Mittelstaedt wrote:
>
>> On 7/10/2012 6:37 PM, Michael Hoskins (michoski) wrote:
>>> -----Original Message-----
>>>
>>> From: Ted Mittelstaedt <tedm at ipinc.net>
>>> Date: Tuesday, July 10, 2012 6:24 PM
>>> To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
>>> Subject: What is the deal on missing "Authority Section" and
>>> "additional	section" from google's DNS servers?
>>>
>>>>    I can't seem to find an option to turn off additional data.  How
>>>> does Google and OpenDNS do it?  WHY do they do it?
>>>
>>> have you tried "minimal-responses yes;"?
>>>
>>
>> That did it, thanks!
>>
>>> it can increase name server performance, but can also increase client
>>> workload (e.g. lead to additional queries).  some might also feel it's
>>> best to be "conservative in what you send".
>>>
>>
>> I would then have to assume that Google and OpenDNS are aware of
>> bugs in specific resolver implementations - very likely in certain
>> firmware versions of the small Dlink/Linksys/etc. routers - and
>> have turned off the additional data in order to make their stuff as
>> compatible as possible so that as few people as possible complain.
>>
>> It would be nice if anyone could confirm this.
>>
>
> As you have just seen from one of your customers, there are a non-zero number of folk / devices that have issues with "larger" responses / responses with additional data / etc. Exactly what the devices are isn't (IMO) important, what is is getting answers to folk.
>
> By *far* the majority of folk querying these services are end users / stub resolvers. What they are looking for is simply an A / AAAA and anything extra is simply wasted bandwidth, time, opportunities to get confused, etc.
>
> Many things (correctly (IMO)) ignore the info in additional section due to past entertainment with cache poising, etc.
>
>> It would be nicer if Google or OpenDNS would confirm they are doing
>> it and why.
>>
>
> I think that it is clear from querying (at least Google!) that this is the case:
> $ dig www.example.com @8.8.8.8 | grep ADDI
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
>
>> No doubt both regard it as some sort of trade secret.
>
> Hopefully not… ;-)
>
> W
>
>
>>
>> Ted
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>

More information about the bind-users mailing list