On Wed, 2 Sep 2009, fujiw...@jprs.co.jp wrote:
> Now, I'm testing "On the Fly" generation of PTR and RRs and "On
> the Fly" signing using perl + Net::DNS::SEC.
I notice it creates a new signature for same look up everytime. So the
inception and expiration is increased immediately. Would it make sense to
possibly attempt to cache these generated signatures for the most
frequent requests? Or is it better to just have a caching server in front
of the "On the Fly" DNS server? Or just rely on others to cache (since we
assume that won't hit the authoritative again for same query).
Also any benchmarks on how fast it can sign on the fly?
It would be great if you can make the newer script available too (the one
using Net::DNS::SEC).
Thanks
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop