[dns-operations] Quick analysis of TLD SOA's
Mark Andrews
marka at isc.org
Wed Jul 13 23:06:47 UTC 2011
In message <20110713201044.GC16779 at x27.adm.denic.de>, Peter Koch writes:
> On Wed, Jul 13, 2011 at 08:49:34PM +0200, Gilles Massen wrote:
>
> > Rickard Bellgrim did a nice analysis on SOA Expire vs. Signature Refresh
> > interval, with the result that .SE lowered their expire time. This is
> > something that obviously was not on the radar when most SOA
> > recommendations were written.
>
> true. What also needs to be taken into account is the length of the XFR path.
Which is infinite (a loop) in many cases. There was even a loop
presented as "best practice" earlier. This breaks expire processing
as SOA refresh queries get answered.
See draft-andrews-dnsext-expire-00 for one solution.
> -Peter
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations
mailing list