Hello,

A question about NS selection in BIND. It seems that up to BIND 9.5 it selects the NS with the lowest RTT, but there were some changes in BIND 9.6 that make it do random selection, from https://www.isc.org/software/bind/new-features/9.6 :

"As a security improvement to make forgery a little more difficult, BIND 9.6 now attempts to make the order of the server selection for queries less predictable. Previously, BIND would prefer to query the server with the lowest round trip time (RTT). Now servers that haven't been tried yet have their RTT set to a random value between 0 ms and 7 ms. And the RTT values of servers which have been tried are now randomly changed up to 128 ms."

Does anyone on this list know more details about this change, short of looking at the source code? How often are RTTs randomly changed, on every query? Is the value picked randomly between 0 and 128 ms?

Thanks,

--Ricardo
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
