Search RFCs
RFC 8767
Serving Stale Data to Improve DNS Resiliency,March 2020
- File formats:
- Also available:XML file for editing
- Status:
- PROPOSED STANDARD
- Updates:
- RFC 1034,RFC 1035,RFC 2181
- Authors:
- D. Lawrence
W. Kumari
P. Sood - Stream:
- IETF
- Source:
- dnsop (ops)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8767
Discuss this RFC: Send questions or comments to the mailing listdnsop@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8767
Abstract
This document defines a method (serve-stale) for recursive resolversto use stale DNS data to avoid outages when authoritative nameserverscannot be reached to refresh expired data. One of the motivations forserve-stale is to make the DNS more resilient to DoS attacks andthereby make them less attractive as an attack vector. This documentupdates the definitions of TTL from RFCs 1034 and 1035 so that datacan be kept in the cache beyond the TTL expiry; it also updates RFC2181 by interpreting values with the high-order bit set as beingpositive, rather than 0, and suggests a cap of 7 days.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.