On Fri, 2021-10-22 at 13:22 -0400, Dan Hanks wrote: > On Fri, Oct 22, 2021 at 9:57 AM Dan Hanks <danha...@gmail.com> wrote: > > Greetings, > > > > As I understand RFC 2308, when receiving an NXDOMAIN response, and when > > deciding how long to cache that NXDOMAIN response, a resolver should use > > whichever value is lower of the SOA TTL, and the SOA.minimum value as the > > length of time to cache the NXDOMAIN. > > I interpret this to mean that an authoritative resolver should set the > TTL on the SOA record included in the AUTHORITY section of an NXDOMAIN > response to be the minimum of the zone SOA TTL, and the SOA.minimum > field. It does not look like Route53 is doing this.
Indeed, Route53 is not doing this, but they should. I spoke to them about this some time ago, and they do intend to fix it, as far as I understand. See also https://lists.dns-oarc.net/pipermail/dns-operations/2021-September/021362.html Kind regards, -- Peter van Dijk PowerDNS.COM BV - https://www.powerdns.com/ _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users