On Tue, Mar 15, 2016 at 9:52 AM, Stephane Bortzmeyer <bortzme...@nic.fr> wrote:
> On Sun, Mar 13, 2016 at 06:29:37PM +0000, > Ted Lemon <ted.le...@nominum.com> wrote > a message of 27 lines which said: > > > If it's a speed hack, there shouldn't be any normative language > > associated with implementing it. > > Next time, all the caching provisions of RFC 1034 and 1035 will be > called "speed hacks". After all, the DNS would work as well without > caches. > > "NXDOMAIN cut" is not purely an internal optimization because it > changes the observable behavior of a resolver. It therefore has an > effect on other servers. It reveals brokenness in other servers (the > one who reply NXDOMAIN for an ENT). It is not just a matter for the > implementer. > More generally, it also reduces demands on authoritative servers by not sending them a set of unnecessary queries. I have not viewed this as a 'speed hack', or in fact any hack, but as a way to make the entire DNS ecosystem more efficient by correctly interpreting the NXDOMAIN signal. To regurgitate part of my earlier message: "why should resolvers make unnecessary outbound queries for names that don't exist, and why should authoritative servers receive those queries?" As an implementation note, doing this only on a cache miss sounds to me like a reasonable choice. Given the current thread, we should probably revise the draft to remove text that 'sounds' like implementation advice. I also favor "SHOULD", but let's see where WG deliberations lead us. -- Shumon Huque
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop