

Common DNS Implementation Errors and Suggested Fixes






RFC 1536            Common DNS Implementation Errors        October 1993


FIXES:

      a. Estimate round-trip times or set a reasonably high initial
         time-out.

      b. Back-off timeout periods exponentially.

      c. Yet another fundamental though difficult fix is to send the
         client an acknowledgement of a query, with a round-trip time
         estimate.

   Since UDP is used, no response is expected by the client until the
   query is complete.  Thus, it is less likely to have information about
   previous packets on which to estimate its back-off time, unless the
   client maintains state across queries so that subsequent queries to
   the same server use information from previous queries.
   Unfortunately, such estimates are likely to be inaccurate for chained
   requests since the variance is likely to be high.
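
   Fixes (a) and (b) with per-server state kept across queries, as an
   added example that is not part of the RFC.  The smoothed RTT and
   deviation estimator is the one familiar from TCP, chosen here as an
   assumption; the constants, class names and addresses are hypothetical.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Assumed values, not from the RFC: a "reasonably high" initial time-out
# and clamps on the computed time-out, all in seconds.
INITIAL_RTO, MIN_RTO, MAX_RTO = 5.0, 1.0, 60.0

@dataclass
class ServerTimer:
    """Round-trip state for one server, kept across queries."""
    srtt: Optional[float] = None  # smoothed RTT; None until first sample
    rttvar: float = 0.0           # smoothed mean deviation of the RTT

    def observe(self, rtt: float, retransmitted: bool = False) -> None:
        # A reply to a retransmitted query cannot be matched to one
        # specific transmission, so its sample is discarded.
        if retransmitted:
            return
        if self.srtt is None:
            self.srtt, self.rttvar = rtt, rtt / 2
        else:
            self.rttvar = 0.75 * self.rttvar + 0.25 * abs(self.srtt - rtt)
            self.srtt = 0.875 * self.srtt + 0.125 * rtt

    def timeout(self, attempt: int) -> float:
        # Fix (a): estimate from history, else the high initial value.
        if self.srtt is None:
            base = INITIAL_RTO
        else:
            base = max(MIN_RTO, self.srtt + 4 * self.rttvar)
        # Fix (b): double the time-out on every retransmission.
        return min(MAX_RTO, base * 2 ** attempt)

class RetryPolicy:
    def __init__(self) -> None:
        self.timers: Dict[str, ServerTimer] = {}

    def timer(self, server: str) -> ServerTimer:
        return self.timers.setdefault(server, ServerTimer())

    def schedule(self, server: str, tries: int = 4) -> List[float]:
        """Time-outs, in order, for successive transmissions of one query."""
        return [self.timer(server).timeout(n) for n in range(tries)]

if __name__ == "__main__":
    policy = RetryPolicy()
    print(policy.schedule("192.0.2.53"))     # constructed address, no history
    for sample in (0.2, 3.0):                # constructed RTTs; 3.0 = chained
        policy.timer("192.0.2.53").observe(sample)
    print(policy.schedule("192.0.2.53"))
```

   The single slow (chained) sample widens the deviation term, so the
   time-out grows well past the smoothed RTT instead of triggering early
   retransmissions.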

   The fix chosen in the ARDP library used by Prospero is that the
   server will send an initial acknowledgement to the client in those
   cases where the server expects the query to take a long time (as
   might be the case for chained queries).  This initial acknowledgement
   can include an expected time to wait before retrying.

   This fix is more difficult since it requires that the client software
   also be trained to expect the acknowledgement packet. This, in an
   internet of millions of hosts, is at best a hard problem.

2. Recursion Bugs

   When a server receives a client request, it first looks up its zone
   data and the cache to check if the query can be answered. If the
   answer is unavailable in either place, the server seeks names of
   servers that are more likely to have the information, in its cache or
   zone data. It then does one of two things. If the client desires the
   server to recurse and the server architecture allows recursion, the
   server chains this request to these known servers closest to the
   queried name. If the client doesn't seek recursion or if the server
   cannot handle recursion, it returns the list of name servers to the
   client assuming the client knows what to do with these records.

   The client queries this new list of name servers to get either the
   answer, or names of another set of name servers to query. This
   process repeats until the client is satisfied. Servers might also go
   through this chaining process if the server returns a CNAME record
   for the queried name. Some servers reprocess this name to try and get
   the desired record type.



Kumar, Postel, Neuman, Danzig & Miller