Re: [DNSOP] valid value range for SOA REFRESH/RETRY/EXPIRE
Mark Andrews <marka@isc.org> Thu, 17 October 2019 23:25 UTC
Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEA1712080C for <dnsop@ietfa.amsl.com>; Thu, 17 Oct 2019 16:25:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hS-ZgG6AliZx for <dnsop@ietfa.amsl.com>; Thu, 17 Oct 2019 16:25:33 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFBE2120168 for <dnsop@ietf.org>; Thu, 17 Oct 2019 16:25:32 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id A94923AB002; Thu, 17 Oct 2019 23:25:32 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 97AA7160054; Thu, 17 Oct 2019 23:25:32 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 7499916007B; Thu, 17 Oct 2019 23:25:32 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 3j0b1tpfqY6h; Thu, 17 Oct 2019 23:25:32 +0000 (UTC)
Received: from [1.0.0.3] (n1-40-244-161.bla1.nsw.optusnet.com.au [1.40.244.161]) by zmx1.isc.org (Postfix) with ESMTPSA id C46BD160054; Thu, 17 Oct 2019 23:25:31 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <CAJE_bqcM1PvmwR-icgz4UJuwsV_21FGs615OmExvWmHCVZX4Jw@mail.gmail.com>
Date: Fri, 18 Oct 2019 10:25:29 +1100
Cc: dnsop <dnsop@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <F8B56E64-AC0A-441E-A9C9-56E4BF02238F@isc.org>
References: <CAJE_bqcM1PvmwR-icgz4UJuwsV_21FGs615OmExvWmHCVZX4Jw@mail.gmail.com>
To: 神明達哉 <jinmei@wide.ad.jp>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/D9F2iTpnLC05YT3BkIzYwiO7g7o>
Subject: Re: [DNSOP] valid value range for SOA REFRESH/RETRY/EXPIRE
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Oct 2019 23:25:35 -0000
> On 18 Oct 2019, at 10:11 am, 神明達哉 <jinmei@wide.ad.jp> wrote: > > I have a question for which I believe there's an answer already that I > couldn't find: what's the valid range for SOA REFRESH/RETRY/EXPIRE > values? > > RFC1035 says: > > REFRESH A 32 bit time interval ... > RETRY A 32 bit time interval ... > EXPIRE A 32 bit time value ... > > and since it explicitly uses "unsigned" for SERIAL and MINIMUM, e.g: > > SERIAL The unsigned 32 bit version number of the original copy REFRESH A 32 bit time interval before the zone should be refreshed. RETRY A 32 bit time interval that should elapse before a failed refresh should be retried. EXPIRE A 32 bit time value that specifies the upper limit on the time interval that can elapse before the zone is no longer authoritative. > one obvious interpretation is that REFRESH/RETRY/EXPIRE are signed 32 > bit integers. They are all intervals. How do you have a negative interval? > And, since negative values for these don't make much > sense, we might even interpret it similar to RR TTLs as clarified in > RFC2181, i.e., 0 <= REFRESH/RETRY/EXPIRE <= 2^31-1. > > Is this correct? Implementations seem to vary on this point, btw. > From my quick experiment with some code reading, > - BIND 9 accepts any unsigned 32-bit values > - Same for Knot > - NSD treats them like TTL (values >= 2^31 are reduced to the "default > TTL" value) > (I've only checked at the primary side; I didn't do any test how the > secondary side of the implementation uses these values when they are > very large). > > Such huge values for these parameters don't make sense in practice > anyway, so this is probably a pedantic question. But if anyone knows > an authoritative reference that can answer it I'd appreciate it very > much. > > Thanks, > > -- > JINMEI, Tatuya > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- [DNSOP] valid value range for SOA REFRESH/RETRY/E… 神明達哉
- Re: [DNSOP] valid value range for SOA REFRESH/RET… Mark Andrews
- Re: [DNSOP] valid value range for SOA REFRESH/RET… 神明達哉
- Re: [DNSOP] valid value range for SOA REFRESH/RET… Mark Andrews
- Re: [DNSOP] valid value range for SOA REFRESH/RET… Kevin Darcy
- Re: [DNSOP] valid value range for SOA REFRESH/RET… Kevin Darcy
- Re: [DNSOP] valid value range for SOA REFRESH/RET… 神明達哉
- Re: [DNSOP] valid value range for SOA REFRESH/RET… Tony Finch