[rbldnsd] Associating TTL to some NXDOMAIN replies

Andrea Riguardi riga at spamteq.com
Mon Jan 27 23:17:49 MSK 2014


On 27/01/14 19:05, John R Levine wrote:
>> It should be possible, as NXDOMAIN packets leave with their own
>> AUTHORITY section containing the SOA so -in theory- each packet could
>> actually leave with a different SOA and therefore a different TTL.
>> That SOA is not going to be cached AFAICT and will only be used with
>> regard to the TTL of NXDOMAIN for the requested RR.
>> So it shouldn't collide with the "real SOA" of the zone either.
> 
> I see what you're getting at, but I wouldn't want to assume that DNS
> caches work the way that seems most obvious.  I'll see if BIND-users has
> anything interesting to say.

Yeah, that came to my mind too. I'm quite confident that BIND behaves as
described above (at least, I tried and it seems so). Not sure about other
implementations, though, and there are many simply doing a lot of wrong
things in many other respects.

Probably a good question for other DNS-related ML too (DNS-OARC, perhaps?)
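
Added example, not part of the original message or of rbldnsd's code: a Python sketch that builds two NXDOMAIN replies for names in the same zone, each carrying its own SOA in the AUTHORITY section, and computes the negative-caching TTL as the smaller of the SOA record's TTL and its MINIMUM field, the value RFC 2308 defines. It assumes a cache that follows RFC 2308; the zone `bl.example`, the SOA contents and the helper names are constructed for illustration.

```python
import struct

def encode_name(name):
    """Encode a domain name as uncompressed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_nxdomain(qname, zone, soa_ttl, soa_minimum):
    """Constructed sample reply: RCODE=3 with one SOA in the AUTHORITY section."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8403, 1, 0, 1, 0)  # QR|AA|NXDOMAIN
    question = encode_name(qname) + struct.pack("!HH", 1, 1)      # QTYPE=A, IN
    rdata = (encode_name("ns." + zone) + encode_name("hostmaster." + zone)
             + struct.pack("!IIIII", 2014012701, 3600, 600, 86400, soa_minimum))
    soa = encode_name(zone) + struct.pack("!HHIH", 6, 1, soa_ttl, len(rdata)) + rdata
    return header + question + soa

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # a compression pointer ends the name
            return off + 2
        if length == 0:                # root label ends the name
            return off + 1
        off += 1 + length

def negative_ttl(msg):
    """TTL a cache would apply to this NXDOMAIN, or None if not applicable."""
    _id, flags, qd, an, ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0x000F != 3:            # not NXDOMAIN
        return None
    off = 12
    for _ in range(qd):                # skip QNAME + QTYPE + QCLASS
        off = skip_name(msg, off) + 4
    for i in range(an + ns):
        off = skip_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if i >= an and rtype == 6 and rdlen >= 20:
            # SOA in AUTHORITY: MINIMUM is the last 32-bit field of RDATA
            minimum = struct.unpack("!I", msg[off + rdlen - 4:off + rdlen])[0]
            return min(ttl, minimum)
        off += rdlen
    return None                        # no SOA: nothing to derive a TTL from

if __name__ == "__main__":
    for name, ttl in (("a.bl.example", 300), ("b.bl.example", 7200)):
        print(name, negative_ttl(build_nxdomain(name, "bl.example", ttl, 3600)))
```

With a per-reply SOA TTL below MINIMUM the reply's own TTL wins; above it, MINIMUM caps the result, so a server can only shorten negative caching this way, not extend it past the zone's MINIMUM.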


