Users are experiencing this problem now in the field, and more users
will
be experiencing it as BIND is upgraded in more and more places. Every
single user relying on a Fedora 15 DNS server, for example, is going to
see occasional unnecessary DNS timeouts when trying to resolve host
names.
It seems clear to me that a generally available, generally applicable
fix
to BIND is needed to avoid this issue and perhaps similar issues like
it.
What is the fix you want? Negative caching of FORMERR responses? That
won't work in the wikipedia case, since the (incorrect) SOA minimum is
only 10 minutes, and your cron job runs every 15 minutes.
There are millions of broken domains out there. Asking BIND to install
kludges to pave over them is probably not the best way to go.
michael
PS. BTW, it would be incorrect to state that queries for non-existent AAAA
records for a domain name for which other records exist (e.g. CNAME or A)
should get an NXDOMAIN response. They absolutely should not. They should
get an empty answer with a NOERROR RCODE. NXDOMAIN means that there are
no dns records whatsoever that have the domain name en.wikipedia.org,
which is certainly not the case.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
