Kea 2.0 - Performance, Stability and Security
We are very proud to announce that we have just posted a new stable branch of Kea, Kea 2.Read post
Earlier research by Geoff Huston, Researcher at APNIC, into the volume of root zone queries had identified that the majority of queries to the root zone were for non-existent domains (NXDOMAIN responses). These queries are unnecessary because a busy resolver already has enough prior negative responses to interpolate these additional negative responses. For example, if the resolver already has a definitive prior response in cache that no zones exist between “.abba” and “.acme”, then it is unnecessary to query for “.abcd”.
The benefits of aggressive negative caching are:
BIND 9.12.0 will synthesize negative answers from cached NXDOMAIN, NODATA, and wildcard responses supplied with NSEC records. The 9.12.0 alpha release is available now, supporting synthesis from NXDOMAIN responses only. The 9.12.0 beta release will add support for synthesizing replies based on NODATA and wildcard responses.
What's New from ISC