Paul Vixie wrote:
Is it not the case that ANCOUNT=0 RCODE=0 responses could be cached, whilst
failures to send DNS UPDATE messages to root servers would not be cached?
the data at hand tells me that lots of people don't cache, and those who
do only cache positives. but in principle, yes, if the hosts who aren't
following the spec regarding using SOA.MNAME as a selection criteria among
{NS.NSDNAME} happen not to be the same hosts who aren't caching negative
or empty results, then some good could come of this.
What about the behavior of (modern) caching resolvers, at start-up time,
when they prime themselves based on the root hints file?
What do they query for, i.e. "." with query type of "any"?
If that's the case, then such resolvers will already have the answer
(empty though it may be), and no new traffic should be seen.
If I understand things correctly, that is, and some quick local tests I
did seem to point to this behavior.
(Even trying to do "dig +trace" on the A of . seems to short-circuit
locally, without querying any root servers.)
Brian
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
