On 2026-02-26 15:50 UTC, Jim Reid <[email protected]> wrote:
>> On 26 Feb 2026, at 15:11, Florian Obser <[email protected]> wrote:
>>
>> How can the LocalRoot server figure out what the real expire time is
>> when using http? At what time should it stop using the zone file and
>> switch to querying the root name servers?
>
> Surely the SOA record's metadata answers those questions? Maybe I'm
> missing something.
Yes, it's the expire time. The root zone currently expires 604800
seconds (i.e. one week) after it gets loaded:
. 86400 IN SOA a.root-servers.net.
nstld.verisign-grs.com. (
2026022602 ; serial
1800 ; refresh (30 minutes)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
Note that this is an interval, not a time stamp. If I load a root zone
from ten days ago it will be valid for another week. Surely that is not
correct.
Now, if you squint just right, the serial kinda looks like a date. The
02 at the end looks a bit weird, maybe that's 2 a.m.?
The only thing we know about this number is this (RFC 1035):
SERIAL The unsigned 32 bit version number of the original copy
of the zone. Zone transfers preserve this value. This
value wraps and should be compared using sequence space
arithmetic.
I'm not aware of any nameserver that tries to interpret that number as a
date. I'm also not aware of any document that states that the serial
number of the root zone has any meaning beyond what 1035 tells us.
>
> Apologies for using a meaningful and relevant Subject: header.
>
> _______________________________________________
> DNSOP mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
--
In my defence, I have been left unsupervised.
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
