At Sat, 2 Dec 2017 20:09:25 +0530, Mukund Sivaraman <m...@isc.org> wrote:
> > Strictly speaking yes, it is the same as when a Secondary does not update > > the zone for a long time. > > An authoritiative server operator knows what the consequence of setting > SOA RDATA fields is. It isn't the same as a cache extending TTL as it > sees fit, in spite of the loose coherency among primary and secondaries. > > I don't agree a downstream cache has authoritiative say about extending > TTLs (except exceptional circumstances where the authority is > unreachable ~serve-stale). +1. I'd accept some level of liberty that an implementation can take, such as ISC BIND 9 extending a 0-TTL of glue to 1 second: /* * Glue with 0 TTL causes problems. We force the TTL to * 1 second to prevent this. */ if (rdataset->ttl == 0) rdataset->ttl = 1; but it should be limited to a quite small range. How much is acceptable may be debatable, but I wouldn't consider "Stretching TTL from 1 Hour [...] for 10% or 10 minutes" to be acceptable at the discretion of an implementation. -- JINMEI, Tatuya _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop