Efficacy of using short timeout values for an A record
Chuck Swiger
cswiger at mac.com
Tue Feb 14 22:34:55 UTC 2012
On Feb 14, 2012, at 2:16 PM, Mark Andrews wrote:
>> ISC's BIND has (or had) a MINTTL value of 5 minutes / 300 seconds.
>> It's probably unreasonable to expect other platforms to refetch DNS
>> records faster than that.
>
> To the best of my knowledge this is just plain wrong.
Look at BIND-4.8.3 and check named/db_update.c around line 40:
    int min_cache_ttl = (5*60); /* 5 minute minimum ttl */
...and then:
    fixttl(dp)
    register struct databuf *dp;
    {
        if (dp->d_zone == 0 && !(dp->d_flags & DB_F_HINT)) {
            if (dp->d_ttl <= tt.tv_sec)
                return;
            else if (dp->d_ttl < tt.tv_sec+min_cache_ttl)
                dp->d_ttl = tt.tv_sec+min_cache_ttl;
            else if (dp->d_ttl > tt.tv_sec+max_cache_ttl)
                dp->d_ttl = tt.tv_sec+max_cache_ttl;
        }
        return;
    }
...or check named/ns_req.c around line 720 for the equivalent for a secondary NS:
    if (dp->d_ttl)
        ttl = dp->d_ttl;
    else
        ttl = zp->z_minimum; /* really default */
    #ifdef notdef /* don't decrease ttl based on time since verification */
    if (zp->z_type == Z_SECONDARY) {
        /*
         * Set ttl to value received from primary,
         * less time since we verified it (but never
         * less than a small positive value).
         */
        ttl -= tt.tv_sec - zp->z_lastupdate;
        if (ttl <= 0)
            ttl = 120;
    }
    #endif
Regards,
--
-Chuck
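
Added example, not part of the original message or of BIND: a small C model of what the quoted fixttl() floor means for the thread's question, measuring how long a cache keeps serving the old A record after the authoritative data changes. The function names, the MAX_CACHE_TTL value and the 30-second scenario are assumptions made for illustration.

```c
#include <stdio.h>

/* The 5-minute floor is the value quoted in the message above. The ceiling
 * is an assumed placeholder: the message does not give max_cache_ttl. */
#define MIN_CACHE_TTL (5 * 60)
#define MAX_CACHE_TTL (7 * 24 * 60 * 60)

/* Same clamp as the quoted fixttl(), applied to the absolute expiry time
 * of a cached (non-authoritative, non-hint) record. */
static long clamp_expiry(long now, long expiry)
{
    if (expiry <= now)
        return expiry;                 /* already expired: left alone */
    if (expiry < now + MIN_CACHE_TTL)
        return now + MIN_CACHE_TTL;    /* short TTL raised to the floor */
    if (expiry > now + MAX_CACHE_TTL)
        return now + MAX_CACHE_TTL;
    return expiry;
}

/* The cache first fetches at t=0 and refetches each time its entry expires.
 * The authoritative A record changes at change_at. Returns the number of
 * seconds after the change that the cache still answers with the old data. */
long stale_seconds(long auth_ttl, long change_at, int clamped)
{
    long now = 0, expiry;

    if (auth_ttl <= 0 || change_at <= 0)
        return 0;                      /* nothing cached before the change */
    for (;;) {
        expiry = now + auth_ttl;
        if (clamped)
            expiry = clamp_expiry(now, expiry);
        if (expiry >= change_at)       /* this entry spans the change */
            return expiry - change_at;
        now = expiry;                  /* expired before the change: refetch */
    }
}

int main(void)
{
    /* Constructed scenario: 30-second TTL, record changes at t=310. */
    printf("no floor:   %ld s stale\n", stale_seconds(30, 310, 0));
    printf("with floor: %ld s stale\n", stale_seconds(30, 310, 1));
    return 0;
}
```

With the floor in place, any TTL below 300 seconds behaves like a 300-second TTL at such a cache, so the worst-case stale window is set by the cache rather than by the zone owner.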