ttl for negative responses is not following rfc2308

Chris Thompson cet1 at cam.ac.uk
Fri Aug 19 14:42:36 UTC 2011


On Aug 19 2011, 刘明星:) wrote:

>I test BIND 9.7.2-P2 and thus find the ttl for negative responses is
>not following rfc2308, and instead check the $TTL. If the TTL is smaller
>than 3h, negative ttl is set to the TTL, otherwise to check minimum TTL.
>If the value is smaller than 3h, negative ttl is set to the ttl,
>otherwise set to 3h (10800)

Why do you say this is "not following RFC 2308"? To quote from that
document (end of section 5):

| As with caching positive responses it is sensible for a resolver to
| limit for how long it will cache a negative response as the protocol
| supports caching for up to 68 years.  Such a limit should not be
| greater than that applied to positive answers and preferably be
| tunable.  Values of one to three hours have been found to work well
| and would make sensible a default.  Values exceeding one day have
| been found to be problematic.

BIND's default cutoff value of 3 hours can be altered by using the
max-ncache-ttl option if you need to.

-- 
Chris Thompson
Email: cet1 at cam.ac.uk


