bind/doc/design/ncache

Copyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 1999-2001  Internet Software Consortium.
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.

$Id: ncache,v 1.7 2004/03/05 05:04:46 marka Exp $

Negative Caching

The non-DNSSEC case is pretty easy.

	foundname = soa name
	rdataset = soa
	node = NULL

DNSSEC complicates things a lot, because we have to return one or more NXT
records (if we have them) as proof.  Another tricky bit here is that we may
have an NXT record so we know the answer is NODATA, but we don't have the SOA
so we can't make a NODATA response that a non-DNSSEC-aware server could
cache.  Life would sure be easier if we knew if the client understood DNSSEC.
Not sure what to do in this case.  Probably return delegation to force client
to ask authority.


Perhaps we should just create some kind of meta-rdata, the "negative cache
rdata type"?

Or maybe something like:

dns_rdataset_ncachefirst()
dns_rdataset_ncachenext()
dns_rdataset_ncachecurrent()

dns_db_ncachenew(db, type)		/* type can be any */
dns_db_ncachesoa(name, rdataset)
dns_db_ncachenxt(name, rdataset)
dns_db_ncacheadd(db, name, version)

Ick.  I favor the former.
update copyright notice 2004-03-05 05:14:21 +00:00			`Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")`
copyright update 2001-01-09 22:01:04 +00:00			`Copyright (C) 1999-2001 Internet Software Consortium.`
new URL for the copyright notice 2000-08-09 04:37:43 +00:00			`See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.`
add 1999-04-10 00:37:31 +00:00
update copyright notice 2004-03-05 05:14:21 +00:00			$Id: ncache,v 1.7 2004/03/05 05:04:46 marka Exp $
add RCS id string 2000-06-22 22:00:42 +00:00
add 1999-04-10 00:37:31 +00:00			`Negative Caching`

			`The non-DNSSEC case is pretty easy.`

			`foundname = soa name`
			`rdataset = soa`
			`node = NULL`

			`DNSSEC complicates things a lot, because we have to return one or more NXT`
			`records (if we have them) as proof. Another tricky bit here is that we may`
			`have an NXT record so we know the answer is NODATA, but we don't have the SOA`
			`so we can't make a NODATA response that a non-DNSSEC-aware server could`
			`cache. Life would sure be easier if we knew if the client understood DNSSEC.`
			`Not sure what to do in this case. Probably return delegation to force client`
			`to ask authority.`


Trailing whitespace trimmed. Perhaps running "perl util/spacewhack.pl in your own CVS tree will help minimize CVS conflicts. Maybe not. Blame Graff for getting me to trim all trailing whitespace. 2000-08-01 01:33:37 +00:00			`Perhaps we should just create some kind of meta-rdata, the "negative cache`
add 1999-04-10 00:37:31 +00:00			`rdata type"?`

			`Or maybe something like:`

			`dns_rdataset_ncachefirst()`
			`dns_rdataset_ncachenext()`
			`dns_rdataset_ncachecurrent()`

			`dns_db_ncachenew(db, type) /* type can be any */`
			`dns_db_ncachesoa(name, rdataset)`
			`dns_db_ncachenxt(name, rdataset)`
			`dns_db_ncacheadd(db, name, version)`

			`Ick. I favor the former.`