Recursive domain name service (dns) prefetching

1 .- 17 . (canceled) 18 . An apparatus, comprising: at least one processor; and program code configured upon execution by the at least one processor to handle Domain Name Service (DNS) requests by: prefetching from an authoritative DNS server DNS entries for one or more domains to build a whitelist in a recursive DNS server; and in response to a DNS request received by the recursive DNS server: accessing the whitelist to attempt to locate a matching DNS entry for the received DNS request; and in response to locating a matching DNS entry for the received DNS request, returning the matching DNS entry as a response to the DNS request. 19 . A program product, comprising: a non-transitory computer readable medium; and program code stored on the non-transitory computer readable medium and configured upon execution by at least one processor to handle Domain Name Service (DNS) requests by: prefetching from an authoritative DNS server DNS entries for one or more domains to build a whitelist in a recursive DNS server; and in response to a DNS request received by the recursive DNS server: accessing the whitelist to attempt to locate a matching DNS entry for the received DNS request; and in response to locating a matching DNS entry for the received DNS request, returning the matching DNS entry as a response to the DNS request. 20 . The apparatus of claim 18 , wherein the whitelist is a semi-authoritative whitelist. 21 . The apparatus of claim 18 , wherein the program code is further configured to monitor system load, and to access the whitelist selectively in response to the monitored system load. 22 . The apparatus of claim 21 , wherein the program code is configured to monitor system load by monitoring system load in the recursive DNS server. 23 . The apparatus of claim 21 , wherein the program code is configured to monitor system load by monitoring response time for the authoritative DNS server. 24 . The apparatus of claim 21 , wherein the program code is further configured to: activate a mode in response to determining a high system load from the monitored system load, wherein the program code accesses the whitelist only when the mode is activated when the DNS request is received by the recursive DNS server; and after activating the mode, selectively deactivate the mode in response to determining a discontinuation of the high system load from the monitored system load. 25 . The apparatus of claim 18 , wherein the program code is further configured to: cache failed DNS requests in a negative feedback cache; and in response to the DNS request received by the recursive DNS server, access the negative feedback cache and return an invalid DNS response in response to the DNS request received by the recursive DNS server matching a failed DNS request cached in the negative feedback cache. 26 . The apparatus of claim 25 , wherein the program code is configured to access the whitelist in response to the DNS request received by the recursive DNS server not matching any failed DNS request cached in the negative feedback cache. 27 . The apparatus of claim 25 , wherein the program code is further configured to remove stale failed DNS requests from the negative feedback cache. 28 . The apparatus of claim 27 , wherein the program code is configured to cache the failed DNS requests by associating each failed DNS request with a timeout, and wherein the program code is configured to remove stale failed DNS requests by removing failed DNS requests for which the associated timeout has been triggered. 29 . The apparatus of claim 25 , wherein the program code is further configured to: in response to not locating the matching DNS entry for the received DNS request, forward the DNS request received by the recursive DNS server to a different DNS server; and in response to receiving an invalid response to the forwarded DNS request from the different DNS server, cache the DNS request received by the recursive DNS server in the negative feedback cache as a failed DNS request. 30 . The apparatus of claim 25 , wherein the program code is further configured to: activate a mode in response to determining a high system load, wherein the program code is configured to access the negative feedback cache only when the mode is activated when the DNS request is received by the recursive DNS server; and after activating the mode, selectively deactivate the mode in response to determining a discontinuation of the high system load from the monitored system load. 31 . The apparatus of claim 25 , wherein the program code is further configured to apply a malicious query matching filter to the DNS request received by the recursive DNS server, and return an invalid DNS response to the DNS request received by the recursive DNS server in response to a match with the malicious query matching filter. 32 . The apparatus of claim 31 , wherein the malicious query matching filter includes a bloom filter. 33 . The apparatus of claim 18 , wherein the program code is configured to prefetch from the authoritative DNS server the DNS entries for the one or more domains by prefetching from the authoritative DNS server each sub-domain for the one or more domains. 34 . The apparatus of claim 33 , wherein the program code is further configured to update the whitelist over time by repeating prefetching from the authoritative DNS server. 35 . The apparatus of claim 18 , wherein the recursive DNS server is resident in a root DNS data processing system, an Internet Service Provider (ISP) data processing system, a network router data processing system or a client data processing system.