Significance of @ symbol in soa record.
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Sat Jan 11 19:02:22 UTC 2003
colors <btb at bitrate.net> wrote:
> On 2003.01.10 22.54, in article avo4ia$en1j$1 at isrv4.isc.org, "Doug Barto=
> <DougB at DougBarton.net> wrote:
>> On Fri, 10 Jan 2003, colors wrote:
>>> I am trying to learn about the significance of the '@' symbol at the s=
>>> of the line where the soa record is contained.
>> The @ symbol, wherever it appears in a zone file, stands for "the curre=
>> $ORIGIN." At the top of the zone, the $ORIGIN is set to whatever zone n=
>> was given in the 'zone "name" ...' statement in the named.conf file.
>> Personally, I find it much less confusing to specify the name of the zo=
>> in the SOA if I only have one zone per file. In a large scale operation=
>> this also helps flag errors when the wrong zone file is accidentally
>> referred to due to a typo in the conf file.
>>> I am also wondering why one might want to have a ttl for a zone's soa =
>>> set at 60 seconds..?
>> Do you mean the ttl for the SOA record, or do you mean the last field O=
>> the SOA record, which is defined by RFC 2038 to be (roughly) "the lengt=
>> of time to cache negative answers for this zone." If you mean the latte=
>> then 60 seconds is a reasonable time period, since you don't want remot=
>> resolvers constantly re-querying for a record that doesn't exist, but y=
>> don't want to prevent them from seeing something for a long time after =
>> add it.
>> Hope this helps,
>> PS, you should really go buy "DNS and BIND, Fourth Edition" and read it=
> Thanks everyone. I actually have dns and bind, 3rd edition, in which I
> originally had looked for example zone files where @ might be used - in
> fact, soa records in all of the examples in the book begin the the zone =
> spelled out, which gave me the impression that @ was equal to $ORIGIN, b=
> wanted to confirm. Upon going back through the book, I did finally find
> mention of @ usage in the appendix.
> Regarding my second question, let me give an example to clarify:
> $TTL 1D
> @ 60 in soa ns1.1safari.com. hostmaster.ns1.1safari.com. (
> 2003011000 ; serial
> 12H ; refresh
> 30M ; retry
> 2W ; expire
> 1H ) ; negative caching
> I was referring the the value 60 preceding "in soa"
You dont want it. Remove it & life is better.
( what is says id that the SOA record ( and only that ) is only allowed
to be cached 60 seconds.
The contents in the zone may be cached 1 day ( $TTL 1D )=20
and negative answers ( there is no such thing) may be=20
cached 1 hour ( 1H )
> Thanks again
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users