Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I wrote this as a pure joke, but now that I learned that SERVFAIL is not cached on browsers, clients, intermediate DNS servers [0] etc. I am curiously wondering what will be going on. It is not only FB apps, it is basically every website request (that uses FB JS for ads, tracking, etc.) that triggers a DNS request, which will be forwarded 1:1 from the ISP's DNS to the null-routed FB Subnet. This should put orders of magnitude more load on resolving DNS servers than usual.

[0]: https://serverfault.com/questions/479367/how-long-a-dns-time...



> but now that I learned that SERVFAIL is not cached on [...] intermediate DNS servers [0]

I thought so too, but at least some do cache according to Cloudflare's blog post:

> Consequently, 1.1.1.1, 8.8.8.8, and other major public DNS resolvers started issuing (and caching) SERVFAIL responses.

https://blog.cloudflare.com/october-2021-facebook-outage/


Facebook is so large that even caching the SERVFAIL with a TTL measured in seconds should cut down a lot of traffic.


As I understand my favorite resolver - unbound - has separate "infra" cache that also caches RTT times, and "down" status of name servers:

https://nlnetlabs.nl/documentation/unbound/unbound.conf/#inf...


I enjoyed the comment. You might like my short story along the same lines from a few years ago: https://bowaggoner.com/writeups/robust.html


Very fun little story. Thanks for writing it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: