Moving DNS out of non-cooperative provider

Mark Andrews marka at isc.org
Tue Jun 19 02:49:28 UTC 2012


In message <4FDF5396.7000609 at imperial.ac.uk>, Phil Mayers writes:
> On 18/06/12 16:49, Alexander Gurvitz wrote:
> 
> > with each query gets new NS record, and... refreshes the NS TTL ?
> 
> No, that's not how TTLs work. They always count down.

Which is because for most queries there isn't a way to get new
data into the cache while there is existing data in the cache.
Additional records, NS records and SOA records are the exception.
You can also get multiple DS records if you have more than one query
to the parent zone in flight for the same child zone at any time.

There is no RFC requirement to not add new data learnt as a side
effect of another query and in terms of cache efficiency this is a
good thing to do.  That said, there are reasons to limit the replacement
of NS records so that situations like this will correct without
having to flush the cache.

NS records are special as the TTL needs to be bounded and count down
based on the referral TTL while the contents need to come from the
child zone.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
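
The following is an added example, not part of the original message and not BIND's code: a toy model of one cached NS RRset, comparing a cache that lets every NS RRset from the child restart the TTL with one that bounds the TTL by the referral and takes only the contents from the child. The server names, the 30-minute query interval and the one-day TTLs are constructed assumptions.

```python
from dataclasses import dataclass

DAY = 86400
OLD = frozenset({"ns1.old-provider.example"})   # constructed names
NEW = frozenset({"ns1.new-provider.example"})

@dataclass
class NSEntry:
    names: frozenset   # NS targets currently cached
    expires: int       # absolute expiry time, seconds

class NSCache:
    """Toy cache for one zone's NS RRset.
    bounded=True : expiry is fixed by the referral; child data only replaces contents.
    bounded=False: every NS RRset seen from the child also restarts the TTL."""
    def __init__(self, bounded):
        self.bounded = bounded
        self.entry = None

    def get(self, now):
        if self.entry and now >= self.entry.expires:
            self.entry = None          # counted down to zero: go back to the parent
        return self.entry

    def learn_referral(self, now, names, ttl):
        if self.get(now) is None:      # a referral never displaces live data here
            self.entry = NSEntry(names, now + ttl)

    def learn_child(self, now, names, ttl):
        cur = self.get(now)
        if cur is None:
            return
        expires = now + ttl
        if self.bounded:
            expires = min(expires, cur.expires)   # never outlive the referral
        self.entry = NSEntry(names, expires)

def first_switch(bounded, interval=1800, horizon=7 * DAY):
    """Time at which the cache first uses the new delegation, or None if it never does."""
    cache = NSCache(bounded)
    cache.learn_referral(0, OLD, DAY)             # delegation before the move
    for now in range(interval, horizon + 1, interval):
        if cache.get(now) is None:
            cache.learn_referral(now, NEW, DAY)   # parent now points at the new servers
        if cache.get(now).names == NEW:
            return now
        cache.learn_child(now, OLD, DAY)          # old provider still sends its own NS set
    return None

if __name__ == "__main__":
    print("bounded:", first_switch(True), "unbounded:", first_switch(False))
```

In this model the bounded cache returns to the parent once the original referral TTL has run out, while the unbounded cache keeps following the old servers for the whole simulated week unless it is flushed.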


