Ralf Weber <d...@fl1ger.de>于2017年8月16日周三 下午4:22写道:
> Moin! > > On 16 Aug 2017, at 6:19, Lanlan Pan wrote: > > > We analyzed our recursive query log, about 18.6 billion queries from > > 12/01/2015 to 12/07/2015. > > > > We found about 4.7 Million temporary domains occupy the recursive's > > cache, > > which are subdomain wildcards from Skype, QQ, Mcafee, Microsoft, > > 360safedns, Cloudfront, Greencompute... > > > > Temporary Domain Names/ All Names: 41.7% > > Queries for Temporary Domain Names/ All Queries: 0.12% > So you are designing a protocol change for 0.12% of your queries? IMHO > not a > good use of engineering time. > The temporary domain name's rate > 40%. Every xxx/yyy/zzz.foo.com query must be sent to Authoritative Nameserver for the subdomain wildcard same answer, we can try to reduce this cost, and shorten the response laterncy. > > Details in: Dealing with temporary domain name issues in the DNS > > < > https://www.computer.org/csdl/proceedings/iscc/2016/0679/00/07543831-abs.html > > > > > > < > https://www.computer.org/csdl/proceedings/iscc/2016/0679/00/07543831-abs.html > > > > The operational problem is, subdomain wildcards waste recursive cache > > capacity. Existing solution to the problem is not adequate in > > recursive > > operating environment at present, because of low DNSSEC deployment. > Sorry can't read that, but from the abstract and your emails I think the > main > flaw in your thinking is that you want to cache all the records, > regardless of > how often they are queried. That is not how caching resolvers work. > Records that > are not used frequently and most of these signalling queries are one > time queries > just expire from the cache, either by LRU mechanism or TTL. > Yes, LRU and TTL can expire from the cache, which were also discussed in the paper. Recursives commonly cache "all queried domain in n days" for some SERVFAIL/TIMEOUT condition, which has been documented in https://tools.ietf.org/html/draft-tale-dnsop-serve-stale-01 The subdomain wildcards cache are needlessly, and we can make some optimization. > So long > -Ralf > -- 致礼 Best Regards 潘蓝兰 Pan Lanlan
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
