0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsCopyright (C) 1999-2001, 2004, 2016 Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsThis Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark AndrewsLicense, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrewsfile, You can obtain one at http://mozilla.org/MPL/2.0/.
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews$Id: ncache,v 1.7 2004/03/05 05:04:46 marka Exp $
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob HalleyNegative Caching
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob HalleyThe non-DNSSEC case is pretty easy.
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halley foundname = soa name
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halley rdataset = soa
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob HalleyDNSSEC complicates things a lot, because we have to return one or more NXT
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleyrecords (if we have them) as proof. Another tricky bit here is that we may
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleyhave an NXT record so we know the answer is NODATA, but we don't have the SOA
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleyso we can't make a NODATA response that a non-DNSSEC-aware server could
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleycache. Life would sure be easier if we knew if the client understood DNSSEC.
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob HalleyNot sure what to do in this case. Probably return delegation to force client
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleyto ask authority.
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David LawrencePerhaps we should just create some kind of meta-rdata, the "negative cache
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob HalleyOr maybe something like:
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleydns_rdataset_ncachefirst()
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleydns_rdataset_ncachenext()
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleydns_rdataset_ncachecurrent()
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleydns_db_ncachenew(db, type) /* type can be any */
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleydns_db_ncachesoa(name, rdataset)
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleydns_db_ncachenxt(name, rdataset)
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob Halleydns_db_ncacheadd(db, name, version)
73f4d29ef46f9bbcb104b3dd54393c702848a0abBob HalleyIck. I favor the former.