TTL Caching

Kevin Darcy kcd at daimlerchrysler.com
Sat Feb 10 01:31:51 UTC 2001


I suppose Microsoft is within the strict wording of the RFC. However, it
seems quite obvious to me that the *intent* of that provision is to limit
the resource impact of *unreasonable* TTL's (e.g. a one-month or one-year
TTL), or to give an implementation flexibility for dealing with
memory-exhaustion situations, rather than to give _carte_blanche_ to
arbitrary TTL-reduction. I think Microsoft is following the letter but not
the spirit of the RFC.

It also seems likely that they *misread* RFC 2181 at first and thought that
the CNAME and A records had to have the same TTL (not true, only RRs in a
particular RRset need to have their TTL's equalized/minimized, and in this
case they are different RRsets). Then, after attempting a fix and failing,
they found what they believed to be a loophole as an excuse to get out of
fixing the code.

I wonder: if an A record's TTL were *larger* than that of a CNAME which
pointed to it, would Microsoft's product now *increase* the CNAME's TTL to
make them equal? That would seem to be clearly in violation of the RFC's.
Maybe you could package that up as a test case, so they have to fix their
code anyway (which in turn might fix your *real* problem).

You might try bringing this up on namedroppers. Maybe the authors of
RFC 2181 can comment as to their original intent. Given this feedback, they
also might want to rephrase that section if the RFC is ever
superseded/updated/clarified.


- Kevin

Tim Maestas wrote:

>         I've got a question regarding the caching of TTL's I'm
>         hoping someone can clarify.  We've been arguing this with
>         Microsoft, and lo and behold, they quoted rfc2181, section 8.
>         Specifically, this paragraph:
>
>   "Implementations are always free to place an upper bound on any TTL
>    received, and treat any larger values as if they were that upper
>    bound.  The TTL specifies a maximum time to live, not a mandatory
>    time to live."
>
>         The problem is that the caching resolver in Win2k seems to be
>         broken, caching records with CNAMEs incorrectly.  MS acknowledged
>         this, and gave us a fix.  However it still seemed as if their
>         implementation was broken.  We have a CNAME record, with a 3600
>         TTL.  The canonical name it references has a 1 second TTL.  MS
>         Win2k resolver caches both records with a 1 second TTL.  They say
>         that according to rfc2181 this is legal, as the TTL is really only
>         a maximum time to live, and they are not required to cache what
>         the DNS server returns.  Is this correct?
>
>         (BTW, the original problem, with unpatched Win2k, was that the
>         A record of the canonical name referenced in the CNAME RR was
>         cached with the TTL of the CNAME.  Basically their fix just
>         reversed this behaviour, resulting in what I explained above).
> -Tim
>
> ------------------------------------------
> http://www.dnsconsultants.com
> DNS and other network consulting
> ------------------------------------------
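
The test case suggested in the reply above, written out as an added sketch (not part of either message): it audits what a cache stored against what the server sent, per RRset. The three cache policies are hypothetical models for illustration, not Microsoft's code, and the names under example.test are constructed.

```python
from collections import defaultdict

def rrset_ttls(records, max_ttl=None):
    """Group (owner, rtype, ttl) records into RRsets keyed by (owner, rtype).
    Each RRset gets one TTL (its lowest member), optionally clamped to a local
    upper bound, which is what the quoted RFC 2181 section 8 text permits."""
    sets = defaultdict(list)
    for owner, rtype, ttl in records:
        sets[(owner.lower(), rtype)].append(ttl)
    return {k: (min(v) if max_ttl is None else min(min(v), max_ttl))
            for k, v in sets.items()}

# Hypothetical cache policies (assumed models, not any vendor's implementation).
def per_rrset(records):           # CNAME and A are separate RRsets, separate TTLs
    return rrset_ttls(records)

def lowest_in_chain(records):     # every RRset gets the lowest TTL in the response
    low = min(ttl for _, _, ttl in records)
    return {k: low for k in rrset_ttls(records)}

def target_ttl_for_all(records):  # every RRset gets the A record's TTL
    a_ttl = min(ttl for _, rtype, ttl in records if rtype == "A")
    return {k: a_ttl for k in rrset_ttls(records)}

def audit(records, policy):
    """Return (raised, lowered): RRsets cached longer than the server allowed,
    and RRsets cached for less time than the server offered."""
    got, cached = rrset_ttls(records), policy(records)
    raised = sorted(k for k in got if cached[k] > got[k])
    lowered = sorted(k for k in got if cached[k] < got[k])
    return raised, lowered

# Constructed responses: the reported case (CNAME 3600, A 1) and the proposed
# test case where the A record's TTL is larger than the CNAME's.
REPORTED = [("www.example.test", "CNAME", 3600), ("host.example.test", "A", 1)]
PROPOSED = [("www.example.test", "CNAME", 60), ("host.example.test", "A", 3600)]

if __name__ == "__main__":
    for label, resp in (("reported", REPORTED), ("proposed", PROPOSED)):
        for policy in (per_rrset, lowest_in_chain, target_ttl_for_all):
            print(label, policy.__name__, audit(resp, policy))
```

On the reported response the two equalizing policies look identical (both lower the CNAME to 1 second); only the proposed response separates them, because one of them then caches the CNAME for longer than the server specified.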
