Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")

Copyright (C) 1999-2001 Internet Software Consortium.

See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.

$Id: ncache,v 1.7 2004/03/05 05:04:46 marka Exp $

Negative Caching

The non-DNSSEC case is pretty easy.

foundname = soa name

rdataset = soa

node = NULL

DNSSEC complicates things a lot, because we have to return one or more NXT

records (if we have them) as proof. Another tricky bit here is that we may

have an NXT record so we know the answer is NODATA, but we don't have the SOA

so we can't make a NODATA response that a non-DNSSEC-aware server could

cache. Life would sure be easier if we knew if the client understood DNSSEC.

Not sure what to do in this case. Probably return delegation to force client

to ask authority.

Perhaps we should just create some kind of meta-rdata, the "negative cache

rdata type"?

Or maybe something like:

dns_rdataset_ncachefirst()

dns_rdataset_ncachenext()

dns_rdataset_ncachecurrent()

dns_db_ncachenew(db, type) /* type can be any */

dns_db_ncachesoa(name, rdataset)

dns_db_ncachenxt(name, rdataset)

dns_db_ncacheadd(db, name, version)

Ick. I favor the former.