[dns-operations] RFC2308, negative answer caching, and the largest gTLDs

Andrew White andrew at vivalibre.com
Wed Mar 7 23:26:36 UTC 2018

Hi all,

As we Shirley all often do, I was browsing RFC2308 (
https://tools.ietf.org/html/rfc2308 ) and noticed that a caching resolver
is supposed to cache negative answers for "x" seconds, where x is the lower
of these two values: SOA MIN field and SOA TTL.

The excerpt in question (emphasis mine):

   Name servers authoritative for a zone MUST include the SOA record of
   the zone in the authority section of the response when reporting an
   NXDOMAIN or indicating that no data of the requested type exists.
   This is required so that the response may be cached.  *The TTL of this
   record is set from the minimum of the MINIMUM field of the SOA record
   and the TTL of the SOA itself, and indicates how long a resolver may
   cache the negative answer.*  The TTL SIG record associated with the
   SOA record should also be trimmed in line with the SOA's TTL.

I posit that this implies that a given zone's SOA TTL and SOA MIN should
generally be the same.

However, com/net/org have 900 for SOA TTL and 86400 for SOA MIN. Why?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20180307/600a0a72/attachment.html>

More information about the dns-operations mailing list