nsupdate, dnssec, minimum ttl
Casey Deccio
casey at deccio.net
Thu Jun 17 19:26:12 UTC 2010
On Thu, Jun 17, 2010 at 12:10 PM, Eric Ham <ericham at usc.edu> wrote:
>
> It would appear that the NSEC and RRSIG NSEC TTLs are set to my example.com zone's minimum TTL which is 86400 instead of inheriting the TTL I set of 7200.
>
>From RFC 4034 (section 4):
The NSEC RR SHOULD have the same TTL value as the SOA minimum TTL
field. This is in the spirit of negative caching ([RFC 2308]).
Regards,
Casey
More information about the bind-users
mailing list