A DNS administrator set the SOA minimum to 1 minutes for a popular domain which only runs IPv4. The result is that there is constantly a large number of queries for AAAA record throughout the day and the two set of authoritative name servers are becoming slow. These queries come from dual-stack Windows 7 and MAC PCs which always ask for AAAA record before A record when accessing a website. In the absence of AAAA record, the authoritative name servers will reply no such record (NXDOMAIN) and the negative cache period of NXDOMAIN in those querying resolvers is defined by SOA minimum (60 seconds) . After 60 seconds, any query for the domain in resolvers will lookup for AAAA record again.
It is important to set the SOA minimum to a higher value like 1 hour (3600 sec) for protecting the authoritative name servers from overloading. As more and more users change to use Windows 7, the DNS traffic for asking non-existing AAAA record will boost. All DNS administrators have a role to play for the smooth and steady operations of the Internet.
No comments:
Post a Comment