Problems with bind9 caching too long
Ronan Flood
ronan at noc.ulcc.ac.uk
Wed Mar 16 00:07:27 UTC 2005
Fred Viles <fv+abuse at nospam.usen.epitools.com> wrote:
> Phil Dibowitz <phil at usc.edu> wrote:
>
> > No - that's my point... the TTL of the NS records isn't being
> > obeyed!
>
> But that's wrong. It's not that the TTL isn't being obeyed, it's
> that the TTL of the NS records isn't being exceeded. Every time a
> caching server makes a query for any name in the domain to the
> authoritative server, it gets a fresh copy of the authoritative NS
> records and starts a fresh TTL countdown.
Apparently so, but Phil thinks it shouldn't. I agree with him (FWIW),
the fresh copies of the NS records should not override the TTL on the
existing NS records in the cache; they should be allowed to count down
and expire, forcing new lookup via the delegation from the parent zone.
--
Ronan Flood <R.Flood at noc.ulcc.ac.uk>
working for but not speaking for
Network Services, University of London Computer Centre
(which means: don't bother ULCC if I've said something you don't like)
More information about the bind-users
mailing list