Serving Stale Data to Improve DNS Resiliency, March 2020
- File formats:
- Also available: XML file for editing
- PROPOSED STANDARD
- RFC 1034, RFC 1035, RFC 2181
- D. Lawrence
- dnsop (ops)
Cite this RFC: TXT | XML | BibTeX
Discuss this RFC: Send questions or comments to the mailing list firstname.lastname@example.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8767
This document defines a method (serve-stale) for recursive resolvers to use stale DNS data to avoid outages when authoritative nameservers cannot be reached to refresh expired data. One of the motivations for serve-stale is to make the DNS more resilient to DoS attacks and thereby make them less attractive as an attack vector. This document updates the definitions of TTL from RFCs 1034 and 1035 so that data can be kept in the cache beyond the TTL expiry; it also updates RFC 2181 by interpreting values with the high-order bit set as being positive, rather than 0, and suggests a cap of 7 days.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.