[dns-operations] TTL=0

Andrew Sullivan ajs at anvilwalrusden.com
Sun Jan 20 22:42:27 UTC 2019

On Sat, Jan 19, 2019 at 10:10:36AM -0800, m3047 wrote:
> Let me frame it this way: if you're not the authoritative source, then why
> are you sending me something with a TTL of zero: hasn't it expired?

If the TTL is actually 0 in the original authoritative zone, then you
nevertheless must be able to pass it along to a client that is asking
you.  Otherwise the RRset could never resolve.  The TTL controls how
long a cache should keep an RRset, not whether it should be delivered
to the original source of the query when the resolution is in process.
That does not imply that the model is one of DNS resolution taking no
time, but the resolver is not the cache.

> circumstances may not be acceptable. Perhaps the application treats the

Given that getaddrinfo() doesn't expose the TTL at all, most
applications can't respect the TTL anyway.  This is different under
getdnsapi, but so far I am not aware of many applications completely
dependent on that API.

> In a nutshell, sometimes things just stop working when records with a TTL of
> zero show up

Yes.  As a general rule, TTL==0 is not your best bet, for sure.

Andrew Sullivan
ajs at anvilwalrusden.com

More information about the dns-operations mailing list