Ted Lemon <[email protected]> wrote:
> > It neatly avoids a lot of wasteful authoritative queries.
>
> This is an interesting statement. Do you have any numbers on this, or
> is this based on intuition?
Based on discussions of attack traffic and junk queries.
I've had a look at the contents of one of my caches and sadly it isn't
very easy to analyze, e.g. there's some search-path-related junk under
com.ac.uk and net.ac.uk but no negative entries for com.ac.uk or net.ac.uk
themselves (because, no qname minimization).
One analysis I can do fairly easy is count the number of cache entries in
nonexistent TLDs; this cache has 4617 out of 1945116 total names.
We have a relatively well policed network, and I don't get to see the
worst traffic from the student accommodation or the mail servers, so I'm
smugly unsurprised my numbers are relatively unconvincing :-)
sed -E '/^([0-9a-z_.-]+)[.][ ].*/!d;
s//\1/;
s/^.*[.]//' named_dump.db |
perl -e 'my %root;
for (qw('"$(
dig axfr . |
sed -E '/^([a-z0-9-]+)[.][ ].*/!d;
s//\1/' |
uniq)"')) {
$root{$_} = 1
}
my ($y,$n);
while (<>) {
chomp;
if ($root{$_}) { ++$y }
else { ++$n }
}
END {
print "y $y\nn $n\n"
}'
Tony.
--
f.anthony.n.finch <[email protected]> http://dotat.at/
Shannon, Rockall: Southeast 4 or 5, increasing 6 at times. Moderate or rough.
Fair. Good.
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
