{"draft":"draft-ietf-dnsop-serve-stale-10","doc_id":"RFC8767","title":"Serving Stale Data to Improve DNS Resiliency","authors":["D. Lawrence","W. Kumari","P. Sood"],"format":["HTML","TEXT","PDF","XML"],"page_count":"12","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Domain Name System Operations","abstract":"This document defines a method (serve-stale) for recursive resolvers\r\nto use stale DNS data to avoid outages when authoritative nameservers\r\ncannot be reached to refresh expired data. One of the motivations for\r\nserve-stale is to make the DNS more resilient to DoS attacks and\r\nthereby make them less attractive as an attack vector. This document\r\nupdates the definitions of TTL from RFCs 1034 and 1035 so that data\r\ncan be kept in the cache beyond the TTL expiry; it also updates RFC\r\n2181 by interpreting values with the high-order bit set as being\r\npositive, rather than 0, and suggests a cap of 7 days.","pub_date":"March 2020","keywords":["DNS","DDoS","Resiliency","Denial-of-Service","Expired"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC1034","RFC1035","RFC2181"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8767","errata_url":null}