Can bind be configured to not drop RR's from the cache when the upstream DNS server is unresponsive

Barry Margolin barmar at alum.mit.edu
Fri Mar 18 10:28:59 UTC 2016


In article <mailman.384.1458255932.73610.bind-users at lists.isc.org>,
 Mark Andrews <marka at isc.org> wrote:

> How do you actually expect this to ever work in real life?

I'm pretty sure Google DNS does this. Other resolver operators often get 
complaints about "Why can't I look up <whatever> through your DNS 
servers when I can do it through Google DNS?"

> Caches will generally have expired / not learnt the records by the
> time you realise that you want to keep records longer so there is
> no point even coding support for this into caches.  We don't have
> time machines.

Of course, if the record hasn't been cached in the first place, there's 
nothing you can do. But a heavily-used resolver will quickly cache most 
popular records.

When a cached record expires, the server should try to refresh it. If it 
gets a valid response, it updates the cache. But providing the old 
record if there's no response is not an unreasonable approach to fault 
tolerance.

It would be reasonable to have a configured maximum lifetime for these 
expired records, so that caches wouldn't fill up with lots of detritus 
from abandoned domains. A day seems like long enough for the 
authoritative server operator to fix their problem.

-- 
Barry Margolin
Arlington, MA
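
The refresh-or-serve-stale behaviour proposed in the message above, as an added sketch that is not part of the original post and is not BIND code. The class, exception and callback names are hypothetical, and the upstream in `demo()` is a constructed stub. It also covers one case the message only implies: an authoritative "no such name" answer is a valid response and must replace the expired record rather than be masked by it.

```python
import time

class UpstreamTimeout(Exception):
    """No response from the authoritative server (hypothetical name)."""

class NxDomain(Exception):
    """Authoritative answer: the name does not exist (hypothetical name)."""

class StaleServingCache:
    def __init__(self, resolve, max_stale=86400, clock=time.monotonic):
        self.resolve = resolve        # callable(name, rtype) -> (rdata, ttl_seconds)
        self.max_stale = max_stale    # seconds past expiry a record may still be served
        self.clock = clock
        self.entries = {}             # (name, rtype) -> (rdata, expires_at)

    def lookup(self, name, rtype="A"):
        key = (name.lower().rstrip("."), rtype)
        now = self.clock()
        entry = self.entries.get(key)
        if entry and now < entry[1]:
            return entry[0], "fresh"
        try:
            rdata, ttl = self.resolve(name, rtype)   # expired or unknown: try to refresh
        except NxDomain:
            self.entries.pop(key, None)   # a valid negative answer replaces stale data
            raise
        except UpstreamTimeout:
            if entry and now - entry[1] < self.max_stale:
                return entry[0], "stale"  # no response: fall back to the expired record
            self.entries.pop(key, None)   # stale window exceeded: evict
            raise
        self.entries[key] = (rdata, now + ttl)
        return rdata, "refreshed"

def demo():
    """Constructed scenario: upstream answers once, then stops responding."""
    state = {"now": 0, "up": True}
    def resolve(name, rtype):
        if not state["up"]:
            raise UpstreamTimeout(name)
        return "192.0.2.10", 300
    cache = StaleServingCache(resolve, max_stale=86400, clock=lambda: state["now"])
    out = []
    for now, up in [(0, True), (100, True), (4000, False), (86701, False)]:
        state.update(now=now, up=up)
        try:
            out.append(cache.lookup("www.example.com"))
        except UpstreamTimeout:
            out.append(("SERVFAIL", "evicted"))
    return out
```

The `max_stale` bound is what limits how long a record that the zone owner has since changed or withdrawn can keep being answered from cache while the authoritative servers are unreachable.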

