[Dnssec-deployment] who's cache is it anyway?

Joe Abley joe.abley at icann.org
Mon Aug 8 21:09:43 EDT 2011

On 2011-08-08, at 20:27, Doug Barton wrote:

> On 08/08/2011 05:56, Joe Abley wrote:
>> On 2011-08-07, at 15:05, Jim Reid wrote:
>>> A cache on your local device  
>>> is likely to be much richer and quicker and more useful than a  
>>> possibly even bigger cache operated elsewhere by someone else. It  
>>> would be good to get some actual numbers though.
>> For what it's worth, my experience is quite the opposite. A cache used by many people has a much better hit rate than a cache used by few people, at least in an ISP context.
> If you consider the map of all possible DNS queries, sure.

Any cache which is hit with all possible DNS queries without repetition is going to have a hit rate of zero.

> In practice
> going from a cold start users will tend to populate a local cache pretty
> quickly with the queries that they care about. For records with
> reasonable TTLs the cache will then stay populated. For those with
> unreasonably short TTLs it won't matter.

What you've just described is the operation of a cache, any cache.

A cache shared by users that have something in common (same company, same country, also a residential user, users making use of the same ISP services) has the advantage that there's a greater probability of a cache hit due to a miss by someone else. A local, single-user cache will never provide such a hit, and everything else is the same.

People are sheep. That's why shared caches win.


More information about the Dnssec-deployment mailing list