Problems with bind9 caching too long

Ronan Flood ronan at
Wed Mar 16 00:07:27 UTC 2005

Fred Viles <fv+abuse at> wrote:

> Phil Dibowitz <phil at> wrote:
> > No - that's my point... the TTL of the NS records isn't being
> > obeyed!
> But that's wrong.  It's not that the TTL isn't being obeyed, it's 
> that the TTL of the NS records isn't being exceeded.  Every time a 
> caching server makes a query for any name in the domain to the 
> authoritative server, it gets a fresh copy of the authoritative NS 
> records and starts a fresh TTL countdown.

Apparently so, but Phil thinks it shouldn't.  I agree with him (FWIW),
the fresh copies of the NS records should not override the TTL on the
existing NS records in the cache; they should be allowed to count down
and expire, forcing new lookup via the delegation from the parent zone.

                      Ronan Flood <R.Flood at>
                        working for but not speaking for
             Network Services, University of London Computer Centre
     (which means: don't bother ULCC if I've said something you don't like)

More information about the bind-users mailing list