Re: [DNSOP] Caching of negative zone (non-authoritative) responses

Ted Lemon <mellon@fugue.com> Mon, 08 July 2019 18:06 UTC

Cc: Paul Vixie <paul@redbarn.org>, "dnsop@ietf.org" <dnsop@ietf.org>
To: "Michael J. Sheldon" <msheldon@godaddy.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/jSUCepPOa_WVYARTopEe6cLzkHY>

The parent zone TTL would work fine. 

Sent from my iPhone

> On Jul 8, 2019, at 2:02 PM, Michael J. Sheldon <msheldon@godaddy.com> wrote:
> 
> 
> 
>> On 7/8/19 10:56 AM, Paul Vixie wrote:
>> i've always sent back SERVFAIL when the zone isn't loaded, on either a primary
>> or secondary (authoritative, that is) server. and i cache SERVFAIL on the
>> recursive/iterative side with a holddown timer equal to the negative TTL
>> interval (SOA.MINIMUM).
>> 
>> but i didn't realize that the standard doesn't say to do this, until i read
>> the above.
>> 
>> --
>> Paul
>> 
>> 
> 
> BIND returns REFUSED, so that's what I've always used, for maximum
> consistency/compatibility.
> 
> What SOA.minimum are you returning? Which SOA? And on what record would
> it be returned? The issue is that there is no matching zone.
> 
> -- 
> Michael Sheldon
> Dev-DNS Services
> GoDaddy.com
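
Added example, not part of any message in this thread and not code from BIND or any other resolver: a sketch of the hold-down discussed above, where a recursive server caches a SERVFAIL or REFUSED answer for the negative TTL when an SOA is available and otherwise falls back to a TTL learned from the parent zone. Assumptions: "parent zone TTL" is taken to mean the TTL of the delegation NS RRset, the five-minute cap and per-server cache key follow RFC 2308 section 7.1 (which speaks of server failures; applying it to REFUSED is a choice made here), and all names and sample values are constructed.

```python
import time

SERVFAIL, REFUSED = 2, 5          # DNS RCODE values
MAX_FAILURE_HOLDDOWN = 300        # RFC 2308 section 7.1: at most five minutes


def holddown_seconds(parent_ns_ttl, soa_ttl=None, soa_minimum=None):
    """Choose how long to suppress re-queries after a failure response."""
    if soa_ttl is not None and soa_minimum is not None:
        # Negative TTL per RFC 2308: min(TTL of the SOA RR, SOA.MINIMUM).
        ttl = min(soa_ttl, soa_minimum)
    else:
        # No matching zone, so no SOA: assumed fallback to the TTL of the
        # delegation NS RRset obtained from the parent zone.
        ttl = parent_ns_ttl
    return max(0, min(ttl, MAX_FAILURE_HOLDDOWN))


class FailureCache:
    """Hold-down cache keyed on (qname, qtype, qclass, server IP)."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.entries = {}         # key -> (rcode, expiry time)

    def record(self, key, rcode, parent_ns_ttl, soa_ttl=None, soa_minimum=None):
        if rcode not in (SERVFAIL, REFUSED):
            raise ValueError("only failure RCODEs are held down")
        hold = holddown_seconds(parent_ns_ttl, soa_ttl, soa_minimum)
        if hold > 0:
            self.entries[key] = (rcode, self.clock() + hold)
        return hold

    def lookup(self, key):
        """Return the cached RCODE, or None if this server may be retried."""
        entry = self.entries.get(key)
        if entry is None:
            return None
        rcode, expires = entry
        if self.clock() >= expires:
            del self.entries[key]   # hold-down elapsed: query the server again
            return None
        return rcode
```

Keying on the server address means one lame server is held down without suppressing queries to the zone's other name servers.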