[ldns-users] ldns & TTL
A. Schulze
sca at andreasschulze.de
Thu Nov 25 10:20:11 UTC 2021
On 25.11.21 at 11:04, Willem Toorop wrote:
> Andreas,
>
> Printing TTLs unsigned is fixed in:
>
> https://github.com/NLnetLabs/ldns/commit/42b57cb1
>
> The commit does not error on TTLs larger than 4294967295 but simply
> wraps around. It would be a less trivial patch to error on TTLs larger
> than 4294967295, which I'd like to give more attention than 1 day before
> release allows :). If it is necessary to error on that at all anyway,
> because... garbage in == garbage out? WDYT?
Hello Willem,
yes, that looks pretty easy but I didn't compile with that change yet.
The value of RFC8499 / DNS Terminology (https://datatracker.ietf.org/doc/html/rfc8499#section-5)
is a detailed specification for TTL covering also the history of updates:
> TTL: The maximum "time to live" of a resource record. "A TTL value
> is an unsigned number, with a minimum value of 0, and a maximum
> value of 2147483647. That is, a maximum of 2^31 - 1. When
> transmitted, this value shall be encoded in the less significant
> 31 bits of the 32 bit TTL field, with the most significant, or
> sign, bit set to zero." (Quoted from [RFC2181], Section 8) (Note
> that [RFC1035] erroneously stated that this is a signed integer;
> that was fixed by [RFC2181].)
The reference to RFC2181 https://datatracker.ietf.org/doc/html/rfc2181#section-8
also says:
> Implementations should treat TTL values received with the most
> significant bit set as if the entire value received was zero.
so I think, any implementation should
- reject negative values as input -> fail/error
- convert any positive input larger than 2^31 - 1 as zero -> silent or with warning
- only use 0 <= TTL <= 2^31 - 1 as output
right?
Andreas
>
> Cheers,
> -- Willem
>
> On 24-11-2021 at 17:05, Willem Toorop via ldns-users wrote:
>> Hi Andreas,
>>
>> On 24-11-2021 at 16:54, A. Schulze via ldns-users wrote:
>>> Hello,
>>>
>>> in a discussion about valid TTL values I noted unexpected output while feeding different TTLs into ldns-read-zone.
>>>
>>> To reproduce use something like this:
>>> TTL=$( echo 'value' | bc ); echo "foo $TTL TXT \"TTL=$TTL\"" | ldns-read-zone
>>>
>>> value      output
>>> ------------------------------------------------------------------
>>> 2^31 - 1   foo. 2147483647 IN TXT "TTL=2147483647"
>>> 2^31       foo. -2147483648 IN TXT "TTL=2147483648"
>>> 2^31 + 1   foo. -2147483647 IN TXT "TTL=2147483649"
>>>
>>> 2^32 - 1   foo. -1 IN TXT "TTL=4294967295"
>>> 2^32       foo. 0 IN TXT "TTL=4294967296"
>>> 2^32 + 1   foo. 1 IN TXT "TTL=4294967297"
>>>
>>> RFC 1035 defines a TTL as "positive values of a signed 32 bit number"
>>> which means to me, anything larger than 2^31 - 1 is invalid.
>>
>> There has been an erratum (in 2012) changing this to an unsigned 32 bit
>> number: https://www.rfc-editor.org/errata/eid2130
>>
>> So ldns is printing it wrong! I'll fix that.
>> Just in time for the 1.8.0 release!
>>
>> Thanks,
>> -- Willem
>>
>>
>>>
>>> Could the readers please clarify about
>>> - the maximum value per RFC
>>> - whether this output of ldns-read-zone is correct
>>>
>>> Btw: I used ldns-1.8.0-rc.2
>>>
>>> Thanks,
>>> Andreas
>>>
>>>
>>> _______________________________________________
>>> ldns-users mailing list
>>> ldns-users at lists.nlnetlabs.nl
>>> https://lists.nlnetlabs.nl/mailman/listinfo/ldns-users
>>>
>>
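The input policy proposed in the message above (reject negative values, map anything larger than 2^31 - 1 to zero with a warning status), sketched in C as an added example. It is not ldns code and not from the thread; `parse_ttl` and the `ttl_status` names are hypothetical, and rejecting a leading `+` is an assumption of this sketch.

```c
#include <ctype.h>
#include <errno.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

enum ttl_status { TTL_ERR = -1, TTL_OK = 0, TTL_CLAMPED = 1 };

/* Hypothetical helper (not an ldns function). Parses a decimal TTL string:
 *   - empty, signed or non-numeric input  -> TTL_ERR
 *   - value larger than 2^31 - 1          -> *ttl = 0, TTL_CLAMPED
 *     (the RFC 2181 section 8 treatment quoted in the thread)
 *   - 0 <= value <= 2^31 - 1              -> *ttl = value, TTL_OK
 */
enum ttl_status parse_ttl(const char *s, uint32_t *ttl)
{
    char *end;
    unsigned long long v;

    *ttl = 0;
    while (isspace((unsigned char)*s))
        s++;
    /* strtoull() accepts "-1" and negates it, so insist on a digit first. */
    if (!isdigit((unsigned char)*s))
        return TTL_ERR;
    errno = 0;
    v = strtoull(s, &end, 10);
    if (*end != '\0')
        return TTL_ERR;               /* trailing garbage such as "12x" */
    /* ERANGE covers input beyond 64 bits; no silent wrap-around either way. */
    if (errno == ERANGE || v > 2147483647ULL)
        return TTL_CLAMPED;           /* *ttl is already 0 */
    *ttl = (uint32_t)v;
    return TTL_OK;
}

int main(void)
{
    /* Values from the table in the thread, plus one negative (constructed). */
    const char *in[] = { "2147483647", "2147483648", "4294967295",
                         "4294967296", "4294967297", "-1" };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++) {
        uint32_t ttl;
        enum ttl_status st = parse_ttl(in[i], &ttl);
        printf("%-11s status=%d ttl=%" PRIu32 "\n", in[i], (int)st, ttl);
    }
    return 0;
}
```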