RIPE 86 - Rotterdam Trip Notes
Five of us from ISC attended the RIPE 86 meeting in Rotterdam, May 22 - 26, 2023.Read post
APNIC has generously offered to sponsor addition of aggressive negative caching, or NSEC Aggressive Use in BIND 9.12.0. They have explained the reasons for supporting this in an APNIC blog posting.
Earlier research by Geoff Huston, Researcher at APNIC, into the volume of root zone queries had identified that the majority of queries to the root zone were for non-existent domains (NXDOMAIN responses). These queries are unnecessary because a busy resolver already has enough prior negative responses to interpolate these additional negative responses. For example, if the resolver already has a definitive prior response in cache that no zones exist between “.abba” and “.acme”, then it is unnecessary to query for “.abcd”.
The benefits of aggressive negative caching are:
BIND 9.12.0 will synthesize negative answers from cached NXDOMAIN, NODATA, and wildcard responses supplied with NSEC records. The 9.12.0 alpha release is available now, supporting synthesis from NXDOMAIN responses only. The 9.12.0 beta release will add support for synthesizing replies based on NODATA and wildcard responses.
What's New from ISC