override ttl=0

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Jan 3 14:15:33 UTC 2008


On Thu, Jan 03, 2008 at 02:59:09PM +0100,
 Adam Tkac <atkac at redhat.com> wrote 
 a message of 26 lines which said:

> It means if one server is broken you have to include similar patch
> to other servers. And this is really not solution.  Broken server
> has to be fixed.

I don't think there was a broken server anywhere. The issue is with
broken *configurations*, people who put TTL=0 in their zone file
because they don't understand caching and fear it.

Most (all?) administrators of big DNS recursors observe a trend
towards more and more TTL=0 records, a trend probably driven by people
who find it simpler to disable DNS caching, especially when using
things like dynamic DNS. These administrators of big DNS recursors see
that trend as both an abuse (a legal one, but an abuse nevertheless) of
the DNS and as an immediate danger for their servers. Hence the
request to have a way to violate the DNS protocol (something which
should obviously be activated only on a specific request from a
consenting adult).

Remember: the one who takes the decision (using TTL=0) is not the one
who pays for it (in terms of larger work for the recursor). So, it
seems reasonable that the persons who pay have some sort of control.
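To make the cost argument concrete, here is an added model of a recursive resolver's positive cache with an operator-set TTL floor. It is example code written for this archive page, not BIND code and not anything posted in the thread; the record names, addresses and the `min_ttl` knob are constructed assumptions. It counts how many upstream queries one client generates against a normally cached record, against a TTL=0 record, and against the same TTL=0 record once a 30-second floor is applied.

```python
"""Model of a recursive resolver cache, showing why TTL=0 records push
the cost onto the recursor and what a configurable TTL floor changes.
Constructed example; not BIND code."""
from dataclasses import dataclass
from typing import Dict, Tuple


@dataclass(frozen=True)
class Record:
    name: str
    ttl: int      # seconds, as published by the authoritative server
    rdata: str


# Constructed authoritative data: one sensibly cached record, one TTL=0.
AUTHORITATIVE: Dict[str, Record] = {
    "www.example.net.": Record("www.example.net.", 3600, "192.0.2.10"),
    "dyn.example.net.": Record("dyn.example.net.", 0, "192.0.2.20"),
}


class RecursiveCache:
    """Minimal positive cache. min_ttl is the assumed operator knob that
    raises the TTL of any answer below it; 0 keeps strict RFC behaviour."""

    def __init__(self, min_ttl: int = 0) -> None:
        self.min_ttl = min_ttl
        self.upstream_queries = 0
        self._store: Dict[str, Tuple[int, str]] = {}  # name -> (expiry, rdata)

    def resolve(self, name: str, now: int) -> Tuple[str, bool]:
        """Return (rdata, served_from_cache) for a query at time `now`."""
        hit = self._store.get(name)
        if hit is not None and hit[0] > now:
            return hit[1], True
        rec = AUTHORITATIVE[name]            # stand-in for the upstream query
        self.upstream_queries += 1
        effective_ttl = max(rec.ttl, self.min_ttl)
        if effective_ttl > 0:                # TTL 0: usable now, never cached
            self._store[name] = (now + effective_ttl, rec.rdata)
        return rec.rdata, False


def upstream_load(name: str, min_ttl: int = 0, seconds: int = 60) -> int:
    """Upstream queries caused by one client asking for `name` once a second."""
    cache = RecursiveCache(min_ttl)
    for t in range(seconds):
        cache.resolve(name, t)
    return cache.upstream_queries


if __name__ == "__main__":
    print("normal record   :", upstream_load("www.example.net."))
    print("TTL=0, no floor :", upstream_load("dyn.example.net."))
    print("TTL=0, floor 30 :", upstream_load("dyn.example.net.", min_ttl=30))
```

Over a 60-second window the normal record costs the recursor one upstream query, the TTL=0 record costs sixty, and the floored case costs two. The trade-off the floor buys is the one the message alludes to: for up to `min_ttl` seconds the recursor may hand out an answer the zone owner has already changed, so the knob belongs to the operator who carries the query load, and it should be set deliberately rather than by default.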
