On Saturday, 11 April 2020 17:02:07 UTC Shumon Huque wrote:
> On Sat, Apr 11, 2020 at 12:33 PM Stephane Bortzmeyer <bortzme...@nic.fr>
> wrote:
> > ...
> >
> > I don't think that you answer Brian's idea. The way I've read his
> > idea, he suggested, when a resolver detects a lame server (or when all
> > servers are lame?), to go back to the parent and to ask again the NS
> > set, to see if there is a new and better list.
>
> Fair enough. If all the servers are lame, that sounds like a reasonable
> strategy.
>
> If only some are lame, and there are still usable servers available, I
> suspect resolver implementers won't want to revalidate to avoid the
> potential additional performance/latency costs.

if this is part of a larger strategy of lame delegation holddown, i think it's a good idea and even in-scope for the current draft. but without the holddown, it becomes a DDoS against the delegating zone's authority servers. (BIND4 had that at one point, and it was un-pretty.)

when revalidation fails, we can argue whether to "rm -r" the cache contents at that delegation point, but we must always prevent subsequent revalidation for a period (randomly chosen) in a range of several minutes.

-- 
Paul
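
The holddown discussed in the message above, as an added example that is not part of the thread or of any resolver's code: it counts how many NS queries reach the parent when clients keep asking for a zone whose servers are all lame, with and without a randomized holddown. The class and function names, the 180 to 420 second bounds and the query load are assumptions made for illustration.

```python
import random

# Assumed bounds for "several minutes"; the message gives no exact figures.
HOLDDOWN_MIN_S = 180
HOLDDOWN_MAX_S = 420


class RevalidationHolddown:
    """Tracks, per delegation point, when the parent may next be re-queried."""

    def __init__(self, rng=None):
        self._rng = rng or random.Random()
        self._blocked_until = {}  # zone cut -> absolute time in seconds

    def may_revalidate(self, zone, now):
        return now >= self._blocked_until.get(zone, 0.0)

    def record_failure(self, zone, now):
        # Random period so resolvers that failed together do not retry together.
        period = self._rng.uniform(HOLDDOWN_MIN_S, HOLDDOWN_MAX_S)
        self._blocked_until[zone] = now + period
        return period


def simulate(query_times, zone, holddown=None):
    """Count parent-side NS queries caused by client queries for an all-lame zone.

    Every revalidation in this constructed scenario fails (the parent still
    lists the same lame servers), which is the worst case for the parent.
    """
    parent_queries = 0
    for now in query_times:
        if holddown is not None and not holddown.may_revalidate(zone, now):
            continue  # held down: the parent is not contacted for this query
        parent_queries += 1
        if holddown is not None:
            holddown.record_failure(zone, now)
    return parent_queries


if __name__ == "__main__":
    # Constructed load: 10 client queries per second for 10 minutes.
    times = [t / 10 for t in range(6000)]
    print("no holddown:  ", simulate(times, "example.net."))
    print("with holddown:", simulate(times, "example.net.",
                                     RevalidationHolddown(random.Random(1))))
```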