Hi list
The following "invalid" soa-query responds with NXDOMAIN and with a ttl
of 0 for the SOA-Record in the authoritative section:
$ dig +norec +noquestion @ns1.yahoo.com. soa asfasdfdas.yahoo.com
; <<>> DiG 9.11.3-1ubuntu1.3-Ubuntu <<>> +norec +noquestion
@ns1.yahoo.com. soa asfasdfdas.yahoo.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42800
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1272
; COOKIE: 352e18e0eb38280a875e08255c506acd96bbdf698575699e (good)
;; AUTHORITY SECTION:
yahoo.com. 0 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com. 2019012908
3600 300 1814400 600
When directly querying the "valid" soa record, then the correct ttl for
the soa-record is shown:
~$ dig +norec +noquestion @ns1.yahoo.com. soa yahoo.com
; <<>> DiG 9.11.3-1ubuntu1.3-Ubuntu <<>> +norec +noquestion
@ns1.yahoo.com. soa yahoo.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12677
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 9
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1272
; COOKIE: af18a9cdfa9d627675f37ac25c506ae626caee21d6718b5c (good)
;; ANSWER SECTION:
yahoo.com. 1800 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com.
2019012908 3600 300 1814400 600
When directly forcing an NXDOMAIN (query an A-record, which doesn't
exist), then the correct ttl for negative-caching is shown:
$ dig +norec +noquestion @ns1.yahoo.com. asdfasfdasf.yahoo.com
; <<>> DiG 9.11.3-1ubuntu1.3-Ubuntu <<>> +norec +noquestion
@ns1.yahoo.com. asdfasfdasf.yahoo.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15170
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1272
; COOKIE: 8050b624605c3cb9c99cb11e5c506b0d0bd93eb038992f6a (good)
;; AUTHORITY SECTION:
yahoo.com. 600 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com.
2019012908 3600 300 1814400 600
When querying the authoritative google-ns for "soa
asdfasdfdas.google.com", then a ttl of 60s is shown:
$ dig +norec +noquestion @ns1.google.com. soa asdfasdfasd.google.com
; <<>> DiG 9.11.3-1ubuntu1.3-Ubuntu <<>> +norec +noquestion
@ns1.google.com. soa asdfasdfasd.google.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41492
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; AUTHORITY SECTION:
google.com. 60 IN SOA ns1.google.com. dns-admin.google.com. 231384568
900 900 1800 60
We're running BIND-9.12.3-P1 on our authoritative servers and we have
the same behavior with 0-ttl with an invalid soa-query. Is this
bind-specific? Why does an invalid soa-record respond with 0-ttl in the
authority-section?
Thank you.
Kind regards,
Tom
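
The comparison made in the message above, as an added example that is not part of the original post: it parses the AUTHORITY section of each NXDOMAIN response and computes how long a resolver may cache the negative answer under RFC 2308 section 5 (the minimum of the SOA record's TTL and its MINIMUM field). The function names are illustrative, and the sample text is the authority sections copied from the dig output above, including the mail client's line wraps.

```python
import re

# owner ttl IN SOA mname rname serial refresh retry expire minimum
SOA_RE = re.compile(
    r"^(\S+)\s+(\d+)\s+IN\s+SOA\s+\S+\s+\S+\s+\d+\s+\d+\s+\d+\s+\d+\s+(\d+)$")

def authority_soa(dig_output):
    """Return (owner, ttl, minimum) of the SOA in the AUTHORITY section, else None."""
    in_authority, buf = False, ""
    for line in dig_output.splitlines():
        if line.startswith(";; AUTHORITY SECTION:"):
            in_authority = True
        elif in_authority:
            if line.startswith(";"):       # next section or footer comment
                break
            buf = f"{buf} {line}".strip()  # re-join a record wrapped by the mailer
            m = SOA_RE.match(buf)
            if m:
                return m.group(1), int(m.group(2)), int(m.group(3))
    return None

def negative_cache_ttl(soa_ttl, soa_minimum):
    """RFC 2308 section 5: negative answers are cached for min(SOA TTL, MINIMUM)."""
    return min(soa_ttl, soa_minimum)

# Authority sections copied from the three NXDOMAIN responses in the message above.
SAMPLES = {
    "SOA asfasdfdas.yahoo.com": """;; AUTHORITY SECTION:
yahoo.com. 0 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com. 2019012908
3600 300 1814400 600
""",
    "A asdfasfdasf.yahoo.com": """;; AUTHORITY SECTION:
yahoo.com. 600 IN SOA ns1.yahoo.com. hostmaster.yahoo-inc.com.
2019012908 3600 300 1814400 600
""",
    "SOA asdfasdfasd.google.com": """;; AUTHORITY SECTION:
google.com. 60 IN SOA ns1.google.com. dns-admin.google.com. 231384568
900 900 1800 60
""",
}

def summarize(samples=SAMPLES):
    """Map each query to the number of seconds its NXDOMAIN may be cached."""
    return {q: negative_cache_ttl(*authority_soa(text)[1:])
            for q, text in samples.items()}

if __name__ == "__main__":
    for query, ttl in summarize().items():
        print(f"{query}: " + ("not cached" if ttl == 0 else f"cached for {ttl}s"))
```

A result of 0 means a resolver does not cache that NXDOMAIN, so every repeat of the query reaches the authoritative server again.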