SOA Minimum error

Jim Reid jim at
Sun Mar 26 21:58:16 UTC 2000

>>>>> "Roger" == Roger Marquis <not-for-mail at> writes:

    Roger> Adding $TTL will prevent the error message, it will also
    Roger> break all known versions of nslint.

Breaking old, broken code shouldn't keep the world awake at night.

    Roger> This is a bug, not a feature.  The default zone TTL is
    Roger> already specified after the default zone serialno, refresh,
    Roger> retry, and expire.  Whoever added the "default, default"
    Roger> TTL qualification evidently bypassed any code reviews.

You are completely and utterly wrong about this. The default zone TTL
was *never* the purpose of the last field of the SOA record, though it
was regularly misused as such. This was fixed by RFC2308. The $TTL
directive was added as the least painful way of making name servers
implement negative caching correctly. Go and read RFC2308. The author
of that RFC - a very frequent contributor to this list! - is most
likely to be the author of the code in BIND8 which implements both the
$TTL directive and negative caching.

If you'd ever bothered to read RFC1035 or RFC2308, you'd see that the
final field (MINIMUM) of the SOA record is "The unsigned 32 bit
minimum TTL field that should be exported with any RR from this
zone". And "However, MINIMUM is used in all query operations that
retrieve RRs from a zone.  Whenever a RR is sent in a response to a
query, the TTL field is set to the maximum of the TTL field from the
RR and the MINIMUM field in the appropriate SOA. Thus MINIMUM is a
lower bound on the TTL field for all RRs in a zone". Few name servers
- including BIND - used the SOA MINIMUM field in this way, so RFC2308
took the opportunity to refine how this field was to be used. Using a
$TTL directive to set the TTL on resource records that didn't have an
explicit TTL was the easiest way to do this, given that the MINIMUM
field of the SOA record has been redefined for use in negative caching.
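
The TTL rules discussed in this message, worked through as an added example that is not part of the original post or of BIND: it compares the RFC 1035 lower-bound reading of MINIMUM with the RFC 2308 behaviour ($TTL as the default TTL, MINIMUM used for negative caching). The zone data, names and the simplified one-record-per-line parser are constructed assumptions.

```python
# Constructed sample zone (example.test and 192.0.2.0/24 are reserved test values).
ZONE = """\
$TTL 86400
example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. 2000032601 10800 3600 604800 900
www.example.test. IN A 192.0.2.10
ftp.example.test. 300 IN A 192.0.2.11
"""

def parse_zone(text):
    """Parse one-record-per-line zone text into ($TTL, SOA fields, {name: explicit TTL or None})."""
    default_ttl, soa, explicit = None, None, {}
    for line in text.splitlines():
        fields = line.split(";")[0].split()      # drop trailing comments
        if not fields:
            continue
        if fields[0].upper() == "$TTL":
            default_ttl = int(fields[1])
            continue
        name, rest = fields[0], fields[1:]
        ttl = int(rest.pop(0)) if rest[0].isdigit() else None
        if rest[0].upper() == "IN":
            rest.pop(0)
        if rest[0].upper() == "SOA":
            soa = {"ttl": ttl, "minimum": int(rest[-1])}   # MINIMUM is the last SOA field
        else:
            explicit[name] = ttl
    return default_ttl, soa, explicit

def ttl_rfc1035(rr_ttl, soa):
    """RFC 1035 wording: MINIMUM is a lower bound on every exported TTL.
    A record with no TTL of its own ends up at MINIMUM (the 'default TTL' misuse)."""
    return max(rr_ttl or 0, soa["minimum"])

def ttl_rfc2308(rr_ttl, default_ttl):
    """RFC 2308: a record without its own TTL takes $TTL, never SOA MINIMUM."""
    if rr_ttl is not None:
        return rr_ttl
    if default_ttl is None:
        raise ValueError("no explicit TTL and no $TTL directive")
    return default_ttl

def negative_ttl(soa, default_ttl):
    """RFC 2308: negative answers are cached for min(SOA TTL, SOA MINIMUM)."""
    return min(ttl_rfc2308(soa["ttl"], default_ttl), soa["minimum"])
```

With this zone, `ftp` keeps its explicit 300 seconds under RFC 2308 but would be raised to 900 under the RFC 1035 lower-bound reading, and a zone without `$TTL` fails for `www` instead of silently borrowing MINIMUM.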
