[Pdns-users] Feedback on the recursor 3.0 requested + 3.0.1

Stephen Harker stephen at positive-internet.com
Wed May 10 09:32:09 UTC 2006


bert hubert wrote:
> On Thu, May 04, 2006 at 06:16:20PM +0100, Stephen Harker wrote:
>> ;; ANSWER SECTION:
>> noblemarine.co.uk.      10518   IN      MX      20
>> bludger.positive-internet.com.
>> noblemarine.co.uk.      68      IN      MX      10
>> pop3.positive-internet.com.
> 
> Stephen, I spent quite some time pondering your setup. RFC 2181 says:
> 
>    Resource Records also have a time to live (TTL).  It is possible for
>    the RRs in an RRSet to have different TTLs.  No uses for this have
>    been found that cannot be better accomplished in other ways.  This
>    can, however, cause partial replies (not marked "truncated") from a
>    caching server, where the TTLs for some but not all the RRs in the
>    RRSet have expired.
> 
>    Consequently the use of differing TTLs in an RRSet is hereby
>    deprecated, the TTLs of all RRs in an RRSet must be the same.
> 
> So in a sense, you are feeding the internet bad data, and getting bad
> results in return, which has an amount of fairness to it.
> 
> You are in luck though as the RFC tries to have its cake and eat it too:
> 
>    Should an authoritative source send such a malformed RRSet, the client
>    should treat the RRs for all purposes as if all TTLs in the
>    RRSet had been set to the value of the lowest TTL in the RRSet.
> 
> Implemented in http://wiki.powerdns.com/projects/trac/changeset/819
> 
> But you should still fix your broken ttls!

Just to follow up to the list, we have fixed the few records in our
authoratative DNS that had this issue, but it's still nice to know that
our resolver will do "the right thing" if other domains are broken in
this way.

Thanks a lot for your quick response. The new 3.1-pre1 recursor works a
treat!

Stephen


More information about the Pdns-users mailing list