Cross Reference: /bind-9.11.3/doc/design/ncache

	ncache revision dafcb997e390efa4423883dafd100c975c4095d6
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteCopyright (C) 2004  Internet Systems Consortium, Inc. ("ISC")
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteCopyright (C) 1999-2001  Internet Software Consortium.
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteSee COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte$Id: ncache,v 1.7 2004/03/05 05:04:46 marka Exp $
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteNegative Caching
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteThe non-DNSSEC case is pretty easy.
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte    foundname = soa name
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte    rdataset = soa
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte    node = NULL
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteDNSSEC complicates things a lot, because we have to return one or more NXT
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forterecords (if we have them) as proof.  Another tricky bit here is that we may
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortehave an NXT record so we know the answer is NODATA, but we don't have the SOA
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forteso we can't make a NODATA response that a non-DNSSEC-aware server could
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortecache.  Life would sure be easier if we knew if the client understood DNSSEC.
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteNot sure what to do in this case.  Probably return delegation to force client
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forteto ask authority.
450396635f70344c58b6b1e4db38cf17ff34445cJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn FortePerhaps we should just create some kind of meta-rdata, the "negative cache
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forterdata type"?
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteOr maybe something like:
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortedns_rdataset_ncachefirst()
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortedns_rdataset_ncachenext()
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortedns_rdataset_ncachecurrent()
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
450396635f70344c58b6b1e4db38cf17ff34445cJohn Fortedns_db_ncachenew(db, type)      /* type can be any */
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortedns_db_ncachesoa(name, rdataset)
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortedns_db_ncachenxt(name, rdataset)
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Fortedns_db_ncacheadd(db, name, version)
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn ForteIck.  I favor the former.
fcf3ce441efd61da9bb2884968af01cb7c1452ccJohn Forte