[dns-operations] Quick analysis of TLD SOA's

Mark Andrews marka at isc.org
Wed Jul 13 23:06:47 UTC 2011

In message <20110713201044.GC16779 at x27.adm.denic.de>, Peter Koch writes:
> On Wed, Jul 13, 2011 at 08:49:34PM +0200, Gilles Massen wrote:
> > Rickard Bellgrim did a nice analysis on SOA Expire vs. Signature Refresh
> > interval, with the result that .SE lowered their expire time. This is
> > something that obviously was not on the radar when most SOA
> > recommendations were written.
> true. What also needs to be taken into account is the length of the XFR path.

Which is infinite (a loop) in many cases.  There was even a loop
presented as "best practice" earlier.  This breaks expire processing
as SOA refresh queries get answered.

See draft-andrews-dnsext-expire-00 for one solution.

> -Peter
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the dns-operations mailing list