40f53fa8d9
own CVS tree will help minimize CVS conflicts. Maybe not. Blame Graff for getting me to trim all trailing whitespace.
38 lines
1.1 KiB
Plaintext
38 lines
1.1 KiB
Plaintext
Copyright (C) 1999, 2000 Internet Software Consortium.
|
|
See COPYRIGHT in the source root or http://www.isc.org/copyright for terms.
|
|
|
|
$Id: ncache,v 1.4 2000/08/01 01:18:12 tale Exp $
|
|
|
|
Negative Caching
|
|
|
|
The non-DNSSEC case is pretty easy.
|
|
|
|
foundname = soa name
|
|
rdataset = soa
|
|
node = NULL
|
|
|
|
DNSSEC complicates things a lot, because we have to return one or more NXT
|
|
records (if we have them) as proof. Another tricky bit here is that we may
|
|
have an NXT record so we know the answer is NODATA, but we don't have the SOA
|
|
so we can't make a NODATA response that a non-DNSSEC-aware server could
|
|
cache. Life would sure be easier if we knew if the client understood DNSSEC.
|
|
Not sure what to do in this case. Probably return delegation to force client
|
|
to ask authority.
|
|
|
|
|
|
Perhaps we should just create some kind of meta-rdata, the "negative cache
|
|
rdata type"?
|
|
|
|
Or maybe something like:
|
|
|
|
dns_rdataset_ncachefirst()
|
|
dns_rdataset_ncachenext()
|
|
dns_rdataset_ncachecurrent()
|
|
|
|
dns_db_ncachenew(db, type) /* type can be any */
|
|
dns_db_ncachesoa(name, rdataset)
|
|
dns_db_ncachenxt(name, rdataset)
|
|
dns_db_ncacheadd(db, name, version)
|
|
|
|
Ick. I favor the former.
|