INTERNET-DRAFT Mark Andrews (CSIRO) January 1997 Updates: RFC 1034 Negative Caching of DNS Queries (DNS NCACHE) Status of This Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other docu- ments at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). Abstract When [RFC1034] was written there were no DNS servers that imple- mented negative caching [RFC1034 Section 4.3.4]. This document replaces [RFC1034 Section 4.3.4] in the light of experience. Negative caching is a optional part of the DNS specification and deals with the caching of the non-existence of a RRset or domainname. 1 - Negative Caching A server MAY add a SOA RR to the additional section of a response. The SOA record is that of the containing zone, or a cached RR. If it is from the containing zone on a authoritative server the TTL is initialised to the MINIMUM field otherwise it is the cached TTL value decremented by Expires July 1997 [Page 1] INTERNET-DRAFT DNS NCACHE January 1997 the time in the cache. This SOA record MAY NOT be used to answer a SOA query. A negative response MAY be cached if there is a SOA record in the authority section of the the response. When the SOA record is cached it must be cached such that it can only be retrieved by reference to the tuple or in the case of a name error. The query name is either the name given in the query sec- tion or the last connonical name when there are CNAMEs in the answer section. Negative responses without SOA records SHOULD NOT be cached as there is no way to reliably purge them from the cache. When caching a negative response a server MUST store the contents of the received SOA in the authority section such that it can be restored in the answer's additional section. The TTL of this stored record decre- ments with time. 2 - Changes from RFC 1034 Non-authoritative negative answers MAY be cached. The SOA record from the authority section MUST be cached so that it is retrievable by reference to the tuple. Name error indications need only match . A cached SOA record MAY be added to the response. This was explicitly NOT allowed. Expires July 1997 [Page 2] INTERNET-DRAFT DNS NCACHE January 1997 References [RFC1034]P. Mockapetris, ``DOMAIN NAMES - CONCEPTS AND FACILITIES,'' RFC 1034, ISI, November 1987. Authors' Addresses Mark Andrews CSIRO - Mathematical and Information Sciences Locked Bag 17 North Ryde NSW 2113 AUSTRALIA +61 2 9325 3148 Expires July 1997 [Page 3]