[nsd-users] nsd sends TTL == 0

W.C.A. Wijngaards wouter at nlnetlabs.nl
Wed Jan 21 08:38:42 UTC 2015


Hi Uwe,

On 01/20/2015 09:12 PM, Uwe Kleine-König wrote:
> Hello,
> 
> one of the secondary servers for my domains uses nsd (the others
> bind) and there is a strange effect that nsd sends a zero TTL field
> for a certain request while the servers running bind do not.

Yes it is nicer to send a nonzero TTL to assist caching.  Fixed this
for NSD.  Thank you for the detailed bug report.

Best regards,
   Wouter


> Using Debian's nsd 4.1.0-2 I can reproduce the behavior with the 
> following setup:
> 
> uwe@perseus:/etc/nsd$ cat nsd.conf
> zone:
> 	name: myfirst.zone
> 	zonefile: /etc/nsd/zones/myfirst.zone
> zone:
> 	name: mysecond.zone
> 	zonefile: /etc/nsd/zones/mysecond.zone
> 
> uwe@perseus:/etc/nsd$ cat zones/myfirst.zone
> $TTL 86400
> @   IN SOA localhost. hostmaster.myfirst.zone. (
>         2015011201   ; serial
>         14400        ; refresh
>         1800         ; retry
>         604800       ; expire
>         43200 )      ; minimum
> 
> @			IN NS		localhost.
> 
> hostname		IN A		78.47.169.190
> www			IN CNAME	hostname
> 
> uwe@perseus:/etc/nsd$ cat zones/mysecond.zone
> $TTL 86400
> @   IN SOA localhost. hostmaster.myfirst.zone. (
>         2015011202   ; serial
>         14400        ; refresh
>         1800         ; retry
>         604800       ; expire
>         43200 )      ; minimum
> 
> @                       IN NS           localhost.
> 
> @                       IN DNAME        myfirst.zone.
> 
> Then the strange TTL value can be seen using the following
> request:
> 
> uwe@perseus:/etc/nsd$ dig @localhost www.mysecond.zone
> 
> ; <<>> DiG 9.9.5-8-Debian <<>> @localhost www.mysecond.zone
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47941
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 1, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;www.mysecond.zone.		IN	A
> 
> ;; ANSWER SECTION:
> mysecond.zone.		86400	IN	DNAME	myfirst.zone.
> www.mysecond.zone.	0	IN	CNAME	www.myfirst.zone.
> www.myfirst.zone.	86400	IN	CNAME	hostname.myfirst.zone.
> hostname.myfirst.zone.	86400	IN	A	78.47.169.190
> 
> ;; AUTHORITY SECTION:
> myfirst.zone.		86400	IN	NS	localhost.
> 
> ;; Query time: 0 msec
> ;; SERVER: ::1#53(::1)
> ;; WHEN: Tue Jan 20 20:35:01 CET 2015
> ;; MSG SIZE  rcvd: 160
> 
> The 2nd line in the answer section has a TTL of 0. The zone files
> are cut down a bit and the names are changed, but the real zones
> look similar and the name servers running bind report a TTL of
> 86400 there.
> 
> Is this a bug or did I configure anything wrong here? dnsviz.net
> reports this as warning ("CNAME synthesis of www.mysecond.zone.:
> TTL_ZERO").
> 
> Best regards and thanks for your time,
> Uwe
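Added example, not part of the original messages and not NSD code: a check that reads a dig-style answer section and reports DNAME-synthesized CNAMEs whose TTL differs from the DNAME's TTL, which is the condition reported in this thread. It assumes the RFC 6672 section 3.1 rule (synthesized CNAME TTL equals the DNAME TTL; the older RFC 2672 specified zero); the function names are hypothetical and the sample input is the answer section from the report.

```python
# Added example: flag DNAME-synthesized CNAMEs whose TTL differs from the DNAME TTL.
# Assumption: RFC 6672 section 3.1 semantics (CNAME TTL == DNAME TTL).

# ANSWER SECTION taken from the dig output in the report, embedded as sample input.
ANSWER = """\
mysecond.zone.		86400	IN	DNAME	myfirst.zone.
www.mysecond.zone.	0	IN	CNAME	www.myfirst.zone.
www.myfirst.zone.	86400	IN	CNAME	hostname.myfirst.zone.
hostname.myfirst.zone.	86400	IN	A	78.47.169.190
"""

def parse_rrs(text):
    """Parse dig-style 'owner ttl class type rdata' lines, skipping comments."""
    rrs = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or line.lstrip().startswith(";"):
            continue
        owner, ttl, _cls, rtype = fields[:4]
        rrs.append((owner.lower(), int(ttl), rtype.upper(), " ".join(fields[4:]).lower()))
    return rrs

def substitute(qname, dname_owner, dname_target):
    """Return the DNAME-rewritten name, or None if qname is not below the owner."""
    if not qname.endswith("." + dname_owner):
        return None  # the DNAME owner itself is not redirected
    return qname[: -len(dname_owner)] + dname_target

def check_synthesized_ttls(text):
    """Return (owner, cname_ttl, dname_ttl) for each synthesized CNAME with a mismatched TTL."""
    rrs = parse_rrs(text)
    dnames = [(o, t, r) for o, t, typ, r in rrs if typ == "DNAME"]
    findings = []
    for owner, ttl, rtype, rdata in rrs:
        if rtype != "CNAME":
            continue
        for d_owner, d_ttl, d_target in dnames:
            # A CNAME is treated as synthesized when its target is exactly
            # the DNAME substitution of its owner name.
            if substitute(owner, d_owner, d_target) == rdata and ttl != d_ttl:
                findings.append((owner, ttl, d_ttl))
    return findings

if __name__ == "__main__":
    for owner, ttl, want in check_synthesized_ttls(ANSWER):
        print(f"{owner}: synthesized CNAME TTL {ttl}, DNAME TTL {want}")
```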
