I'm sorry if this is JUST to BIND or some other
specific software. But, IMHO this is just a sample
that requests which only generate NXDOMAIN responds.
Do a DNS query for slartibartfastisacharacterinamoviewrittenbydouglasadamsthathasnotgottenverygoodreviewslatelyandisbasedontheoriginalBBCradioshowandtheresultingBBCtvminiseries.com, and you'll probably get an NXDOMAIN. Indeed, query for any other non-existent domain, and you'll get an NXDOMAIN response. That's what it means.
According to someone's presentation on NANOG ("DNS
anomailies and their impact on DNS Cache Server" ),
such record may be type of attack.
NXDOMAIN == Attack?
Please show me how you arrive at that logic.
If we only rely on
cacheing to remove paient of CPU time, cache server
load will be increased. So, what I'm tryting to ask
is , is there some mechanism proposed to deal with
such problem? BIND is just a sample.
Well, only caching servers have to worry about getting an NXDOMAIN response back. Authoritative-only servers may have to worry about sending them out, but that's pretty cheap. Indeed, it's pretty cheap for the caching servers to handle getting them.
Yes, bad clients can abuse either caching servers or authoritative-only servers by doing things that result in a lot of NXDOMAIN responses, but that falls in the category of the programmers doing whatever is possible to protect themselves and their code against whatever kind of abuse gets hurled at them by poorly-behaved clients.
As far as that goes, that's a generic problem, and in the case of nameservers there are appropriate places to discuss this sort of thing -- such as the namedroppers mailing list.
Now, if you want to drag BIND into this picture as a specific example, there are appropriate places to discuss that, too -- such as the bind-users mailing list, or maybe one of the developer-oriented BIND mailing lists.
But none of these places are NANOG, and this discussion doesn't belong here -- either in the general case of nameservers, or in the specific case of BIND.