<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html><body>
<p>Thank you very much.. this helped alot ..</p>
<p>Thanks again Jeremy</p>
<p>On 2012-09-21 16:13, Jeremy C. Reed wrote:</p>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px; width:100%"><!-- html ignored --><!-- head ignored --><!-- meta ignored -->
<pre>On Fri, 21 Sep 2012, Robert JR wrote:</pre>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px; width:100%">i have the minimum value in my dns server as 60 mins, and my TTL is 60 Seconds , but still when users hit a non exist record , the other dns hold the negative cache for 60 secs instead of 60 mins .. ? why ? $TTL 60 @ IN SOA NS1.TEST.BIZ. Abuse.TEST.BIZ. ( 201208281 ; serial, todays date + todays serial # 8H ; refresh, seconds 2H ; retry, seconds 4W ; expire, seconds 1H ) ; minimum, seconds ; Although my configuration above, all DNS servers that query my server, cache the non exist record for 60 seconds only and not 60 mins As mentioned in my configuration ? any ideas why ?</blockquote>
<pre>
See RFC 2308 in regards to Caching Negative Answers about how the auth
server returns an SOA for a NXDOMAIN:
``When the authoritative server creates this record its TTL
is taken from the minimum of the SOA.MINIMUM field and SOA's TTL.''
It used the the smaller TTL.
I often see the reverse -- for example, the SOA's TTL is 7200 and the
MINIMUM is 3600, so the returned record (in the auth section) has the
TTL as 3600.</pre>
</blockquote>
<p> </p>
<div> </div>
</body></html>