[bind10-dev] bug? SOA TTL is not min(MINIMUM, TTL) when name error
JINMEI Tatuya / 神明達哉
jinmei at isc.org
Tue Jan 15 16:56:16 UTC 2013
At Tue, 15 Jan 2013 21:51:28 +0900 (JST),
fujiwara at jprs.co.jp wrote:
> BIND 10 auth server does not set SOA MINIMUM to TTL of SOA RR
> when name error or no type.
[...]
> RFC 2308 Section 3 says:
>
> The TTL of this
> record is set from the minimum of the MINIMUM field of the SOA record
> and the TTL of the SOA itself, and indicates how long a resolver may
> cache the negative answer.
>
> jinmei.org case, MINIMUM is 1200 and TTL of SOA RR is 86400.
>
> The TTL value of SOA RR should be 1200, I think.
Right, that's a bug.
A *complete* fix would be tricky, though, because in b10-auth RRsets
are const (pointer) objects and resetting the TTL would either require
a full copy (expensive) or breaking the const (bad practice).
But for the moment I think we should make a copy of the SOA RRset and
reset its TTL.
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
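
An added example, not part of the original message and not BIND 10 code: a sketch of the interim fix described above, which copies the SOA only when its TTL exceeds MINIMUM and leaves the const zone data untouched. SoaRRset, soaMinimum, negativeSoa and sampleSoa are hypothetical names, and the sample record is constructed from the 1200 / 86400 values quoted in the report.

```cpp
#include <cstdint>
#include <memory>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical stand-in for an RRset; not the BIND 10 libdns++ class.
struct SoaRRset {
    std::string owner;
    uint32_t ttl;
    std::vector<uint8_t> rdata;  // wire-format SOA RDATA
};
using ConstSoaPtr = std::shared_ptr<const SoaRRset>;

// MINIMUM is the last of the five 32-bit fields that close the SOA RDATA
// (SERIAL, REFRESH, RETRY, EXPIRE, MINIMUM), so it is the final 4 octets
// whatever the length of MNAME and RNAME.
uint32_t soaMinimum(const std::vector<uint8_t>& rdata) {
    // Two root names (1 octet each) plus 20 octets of fixed fields at least.
    if (rdata.size() < 22) {
        throw std::invalid_argument("SOA RDATA too short");
    }
    const auto off = rdata.size() - 4;
    return (uint32_t(rdata[off]) << 24) | (uint32_t(rdata[off + 1]) << 16) |
           (uint32_t(rdata[off + 2]) << 8) | uint32_t(rdata[off + 3]);
}

// Return the SOA to place in the authority section of a negative answer.
ConstSoaPtr negativeSoa(const ConstSoaPtr& soa) {
    const uint32_t minimum = soaMinimum(soa->rdata);
    if (soa->ttl <= minimum) {
        return soa;  // already min(MINIMUM, TTL): share it, no copy
    }
    auto copy = std::make_shared<SoaRRset>(*soa);  // zone data stays const
    copy->ttl = minimum;
    return copy;
}

// Constructed sample: root MNAME and RNAME, then the five 32-bit fields.
ConstSoaPtr sampleSoa(uint32_t ttl, uint32_t minimum) {
    std::vector<uint8_t> rd = {0, 0};
    const uint32_t fields[5] = {2013011500, 3600, 900, 604800, minimum};
    for (uint32_t f : fields) {
        for (int shift = 24; shift >= 0; shift -= 8) {
            rd.push_back(uint8_t(f >> shift));
        }
    }
    return std::make_shared<SoaRRset>(SoaRRset{"example.org.", ttl, rd});
}
```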