[dns-operations] RFC2308, negative answer caching, and the largest gTLDs

Tony Finch dot at dotat.at
Fri Mar 9 11:39:32 UTC 2018


Andrew White <andrew at vivalibre.com> wrote:
>
> Is the assertion accurate that the SOA MIN is a noop if SOA TTL <= SOA MIN
> then? It would seem so for BIND. Do other caching resolvers handle negative
> cache TTLs differently?

The logic behind this spec might make more sense if you consider a chain
of forwarding caches.

The TTL on a normal positive answer is supposed to limit its lifetime in
the whole chain of caches, so when an upstream cache sends an answer it
decrements the TTL based on how long the record has been in its cache, so
the downstream cache sees a shorter TTL than it would if it asked the
authoritative server directly.

The same applies to negative responses, except the TTL that gets
decremented is the TTL that is returned in the SOA record in the
response's authority section.

When the authoritative server has a lower TTL on the SOA record than the
value in the SOA's MINIMUM field, a resolver treats it the same way as if
some upstream cache has already decremented the TTL by the difference.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Forties, Cromarty, Forth, Tyne, Dogger, Fisher, German Bight: South or
southwest 4 or 5, backing southeast 5 to 7 later. Slight or moderate. Showers,
rain later, fog patches later in German Bight. Moderate or good, occasionally
very poor later in German Bight.
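The forwarding-chain reasoning in the message above, as an added example that is not part of the original post: a small model of RFC 2308 negative caching in which each cache stores a negative answer for min(SOA TTL, SOA MINIMUM) and serves the SOA with its TTL reduced to the remaining lifetime. The class and function names are hypothetical, and the TTL values are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class NegativeAnswer:
    """An NXDOMAIN/NODATA response; only the authority-section SOA matters here."""
    soa_ttl: int      # TTL on the SOA RR as seen on the wire
    soa_minimum: int  # MINIMUM field in the SOA RDATA (unchanged in transit)

def negative_ttl(ans):
    # RFC 2308 section 5: cache for the lesser of the SOA TTL and SOA MINIMUM.
    return min(ans.soa_ttl, ans.soa_minimum)

def authority(soa_ttl, soa_minimum):
    """Model an authoritative server that always returns the same SOA."""
    return lambda now: NegativeAnswer(soa_ttl, soa_minimum)

class ForwardingCache:
    """One hop in a chain of caches (simplified model, single cached name)."""
    def __init__(self, upstream):
        self.upstream = upstream  # callable(now) -> NegativeAnswer
        self.entry = None         # (answer, absolute expiry time)

    def query(self, now):
        if self.entry is None or now >= self.entry[1]:
            ans = self.upstream(now)
            self.entry = (ans, now + negative_ttl(ans))
        ans, expires_at = self.entry
        # Serve the SOA with its TTL decremented by the time spent in this cache.
        return NegativeAnswer(expires_at - now, ans.soa_minimum)

if __name__ == "__main__":
    # Case A: authoritative server publishes SOA TTL 900 < MINIMUM 3600.
    direct = authority(900, 3600)(0)
    # Case B: SOA TTL == MINIMUM == 3600, but an upstream cache has held the
    # answer for 2700 seconds before a downstream resolver asks.
    upstream = ForwardingCache(authority(3600, 3600))
    upstream.query(0)
    via_cache = upstream.query(2700)
    print(direct, via_cache, direct == via_cache)  # identical on the wire
```

A downstream resolver cannot tell case A from case B, so it caches both for 900 seconds, which is the equivalence the message describes.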
