mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-22 10:10:06 +00:00
39 lines
1.1 KiB
Plaintext
39 lines
1.1 KiB
Plaintext
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
|
|
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
|
|
|
|
$Id: ncache,v 1.7 2004/03/05 05:04:46 marka Exp $
|
|
|
|
Negative Caching
|
|
|
|
The non-DNSSEC case is pretty easy.
|
|
|
|
foundname = soa name
|
|
rdataset = soa
|
|
node = NULL
|
|
|
|
DNSSEC complicates things a lot, because we have to return one or more NXT
|
|
records (if we have them) as proof. Another tricky bit here is that we may
|
|
have an NXT record so we know the answer is NODATA, but we don't have the SOA
|
|
so we can't make a NODATA response that a non-DNSSEC-aware server could
|
|
cache. Life would sure be easier if we knew if the client understood DNSSEC.
|
|
Not sure what to do in this case. Probably return delegation to force client
|
|
to ask authority.
|
|
|
|
|
|
Perhaps we should just create some kind of meta-rdata, the "negative cache
|
|
rdata type"?
|
|
|
|
Or maybe something like:
|
|
|
|
dns_rdataset_ncachefirst()
|
|
dns_rdataset_ncachenext()
|
|
dns_rdataset_ncachecurrent()
|
|
|
|
dns_db_ncachenew(db, type) /* type can be any */
|
|
dns_db_ncachesoa(name, rdataset)
|
|
dns_db_ncachenxt(name, rdataset)
|
|
dns_db_ncacheadd(db, name, version)
|
|
|
|
Ick. I favor the former.
|