Maintained by: NLnet Labs

[Unbound-users] Strange TTL of the SOA record for a noexist domain query

Stephane Bortzmeyer
Fri May 6 15:30:52 CEST 2011


On Wed, May 04, 2011 at 01:50:34PM +0800,
 ?? <luoce at cnnic.cn> wrote 
 a message of 49 lines which said:

> When I dig example.com soa, I got the following answer:
...
> example.com.            86400   IN      SOA  NS1.example.com. root.example.com. 2010091701 3600 900 604800 3600

Fresh from the authoritative name server so TTL is the original value.

> Then I dig noexist.example.com a, I got this:
...
> example.com.            3600    IN      SOA     NS1.example.com. root.example.com. 2010091701 3600 900 604800 3600

"Artificial" value for the TTL, per RFC 2308, section 3. Nothing to do
with the value Unbound has in its cache.

> I dig noexist.example.com again, the ttl of the soa record changed:
...
> example.com.            86292   IN      SOA     NS1.example.com. root.example.com. 2010091701 3600 900 604800 3600

Original TTL of the SOA record, minus the 108 seconds elapsed between
the two tests. Not normal, should be 3600 again.

> Whether the second answer should use the original ttl of the soa
> record?

I agree with you.