BIND 9 and TTLs

[Kevin Darcy]

The infamous "Brian" wrote:

> Hi:
>
> Have successfully installed BIND 9 on a small network (Linux 2.2.17) and had
> considerable trouble with the required TTL fields - ie HOW and WHY?
>
> If I place the "$TTL 1D" at the beginning of the zone it works fine. (1D =
> 86400s)
>
> If I place the <TTL> value in the RRs, no joy!
>
> I tried this;
>
> domain    1D    A    IN    192.168.0.1

You have the class ("IN") and type ("A") fields reversed. Other than that, it
should have worked.

> (no joy) and this;
>
> domain     A    ID   1N    192.168.0.1

"ID" and "1N" are invalid tokens, so I wouldn't have expected them to work.

> (no joy) and this;
>
> domain     A    1N   ID    192.168.0.1

Ditto.

> (no joy).
>
> All of these procedures appear to be supported by RFC 1035, specifically
> section "4.1.3". Yet in section 5.1 it states the order is arbitrary? And
> finally section 5.3 shows no deployment of the TTL field with the exception
> of the SOA minimum.
>
> I have also scoured "DNS and BIND, 2nd ed." and have come to the same
> conclusion concerning the TTL field in RRs.
>
> What is the correct syntax for BIND 9.0.0?
>
> Further, "DNS and BIND, 2nd ed."  appears to state that the default SOA MIN
> field is the default TTL for all RRs. BIND 9 requires an additional entry
> that re-states the time to live for individual RRs BUT named will NOT reload
> individual RRs but rather the entire zone so what exactly is accomplished?
> (run-on sentence at no additional cost)

_DNS_and_BIND_ 2nd Edition is somewhat outdated. RFC 2308 clarified that the
last field of the SOA record is the Negative Caching TTL, not the default or
minimum TTL. That's why BIND 9 requires the presence of a $TTL directive (also
specified in RFC 2308), or an explicit TTL on the *first* record in the zone
file; otherwise it doesn't know what TTL to use for the record(s). See
doc/misc/migration, Section 2.1.


- Kevin