00:00:00 Cache receives a reply with a AAAA record for foobar.example, with a 
TTL of 86400
01:00:00 Cache receives a reply NXDOMAIN when asking QNAME=example
02:00:00 Cache receives a AAAA request for foobar.example

With today's software, the cache will reply (the TTL is not over). I
find that a violation of the tree model of the DNS. I find it more
elegant if the cache replies NXDOMAIN.

Seems to me this is a theological argument about the meaning of TTL. I understand the TTL to be the server telling the client "here is the answer, and you can believe it for TTL seconds."

If your DNS data changes hourly, why would you use a TTL of a day?

Or if you want the more consistent behavior, when a cache gets an NXDOMAIN, it can at that time flush any entries with names under it. I suppose that means that we need a cache where you can look down the tree as well as up. Ugh.

R's,
John

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
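
The flush-on-NXDOMAIN behaviour discussed in the message above, replayed over the three-step timeline, as an added example that is not part of the original e-mail or any resolver's code. `TreeCache`, `Node` and `replay_timeline` are hypothetical names; the address and the 10800-second negative TTL are constructed values.

```python
# Added illustration (not resolver code from the thread): a toy cache stored as a label tree.
NXDOMAIN = "NXDOMAIN"

def labels(name):
    """'foobar.example.' -> ['example', 'foobar'] (root first, lower-cased)."""
    return [l for l in reversed(name.lower().rstrip(".").split(".")) if l]

class Node:
    def __init__(self):
        self.children = {}      # label -> Node
        self.rrsets = {}        # rtype -> (data, expiry time)
        self.nx_expiry = None   # set while a cached NXDOMAIN covers this name

class TreeCache:                # hypothetical name
    def __init__(self):
        self.root = Node()

    def put_answer(self, name, rtype, data, ttl, now):
        node = self.root
        for label in labels(name):
            node = node.children.setdefault(label, Node())
            node.nx_expiry = None          # a positive answer proves the name exists
        node.rrsets[rtype] = (data, now + ttl)

    def put_nxdomain(self, name, ttl, now):
        node = self.root
        for label in labels(name):
            node = node.children.setdefault(label, Node())
        node.children.clear()              # look down the tree: flush everything under it
        node.rrsets.clear()
        node.nx_expiry = now + ttl

    def lookup(self, name, rtype, now):
        node = self.root
        for label in labels(name):
            node = node.children.get(label)
            if node is None:
                return None                # cache miss: the resolver would ask upstream
            if node.nx_expiry is not None and now < node.nx_expiry:
                return NXDOMAIN            # look up the tree: an ancestor does not exist
        rr = node.rrsets.get(rtype)
        return rr[0] if rr and now < rr[1] else None

def replay_timeline():
    """Times in seconds; address and the 10800 s negative TTL are constructed."""
    c = TreeCache()
    c.put_answer("foobar.example", "AAAA", "2001:db8::1", 86400, now=0)
    before = c.lookup("foobar.example", "AAAA", now=1800)
    c.put_nxdomain("example", 10800, now=3600)
    return before, c.lookup("foobar.example", "AAAA", now=7200), \
           c.lookup("foobar.example", "AAAA", now=20000)
```

Because the subtree is flushed when the NXDOMAIN arrives, the day-long AAAA record does not resurface once the negative entry itself expires; the lookup becomes a plain cache miss.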
