[dns-operations] Surprising behaviour by certain authoritative name servers

Anand Buddhdev anandb at ripe.net
Tue Jan 7 15:07:44 UTC 2020


On 07/01/2020 15:20, Niall O'Reilly wrote:

Hi Niall,

> What's surprising is that an authoritative name server
> shows both a decremented TTL value (as if it were answering
> from cache) and the AA flag.

It could be tinydns, using this feature:

"You may include a timestamp on each line. If ttl is nonzero (or
omitted), the timestamp is a starting time for the information in the
line; the line will be ignored before that time. If ttl is zero, the
timestamp is an ending time (``time to die'') for the information in the
line; tinydns dynamically adjusts ttl so that the line's DNS records are
not cached for more than a few seconds past the ending time. A timestamp
is an external TAI64 timestamp, printed as 16 lowercase hexadecimal
characters. For example, the lines

+www.heaven.af.mil:1.2.3.4:0:4000000038af1379
+www.heaven.af.mil:1.2.3.7::4000000038af1379

specify that www.heaven.af.mil will have address 1.2.3.4 until time
4000000038af1379 (2000-02-19 22:04:31 UTC) and will then switch to IP
address 1.2.3.7."

Regards,
Anand Buddhdev



More information about the dns-operations mailing list