SOA TTL in negative answers

[Tony Finch]

Not sure if this is a BIND question or a standards question.

I'm experimenting with some stats gathering. To get the zone of a domain
name I'm making a SOA query, which will either return a positive answer
(if the domain is a zone apex) or a negative answer with the enclosing
zone's SOA in the authority section.

I noticed that the TTL on the SOA in NXDOMAIN replies is always zero.
If I query for a different nonexistent type then the TTL is what I expect.
This weirdness doesn't occur for noerror/nodata.

$ dig +noall +authority soa nxdomain.dotat.at
dotat.at. 0 IN SOA black.dotat.at. dot.dotat.at. 757 3600 600 604800 60

$ dig +noall +authority txt nxdomain.dotat.at
dotat.at. 60 IN SOA black.dotat.at. dot.dotat.at. 757 3600 600 604800 60

$ dig +noall +authority soa www.dotat.at
dotat.at. 60 IN SOA black.dotat.at. dot.dotat.at. 757 3600 600 604800 60

$ dig +noall +authority txt www.dotat.at
dotat.at. 60 IN SOA black.dotat.at. dot.dotat.at. 757 3600 600 604800 60

I note that BIND and NSD behave differently:

$ dig +noall +authority soa nxdomain. @f.root-servers.net.
. 0 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012060600 1800 900 604800 86400

$ dig +noall +authority soa nxdomain. @l.root-servers.net.
. 86400 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012060600 1800 900 604800 86400

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Lundy, Fastnet: Mainly south becoming cyclonic, 4 or 5 increasing 6 to gale 8,
occasionally severe gale 9 later. Moderate becoming rough or very rough,
occasionally high later in south. Rain. Moderate, occasionally poor.