unbound NXDOMAIN TTL shared between records

Tony Finch dot at dotat.at
Fri Aug 21 15:32:33 UTC 2015

Patrik Lundin via Unbound-users <unbound-users at unbound.net> wrote:
> The first lookup (which also suspiciously seems to use the SOA TTL of 7200
> rather than the NXDOMAIN TTL of 18000):

RFC 2308 section 5

   Like normal answers negative answers have a time to live (TTL).  As
   there is no record in the answer section to which this TTL can be
   applied, the TTL must be carried by another method.  This is done by
   including the SOA record from the zone in the authority section of
   the reply.  When the authoritative server creates this record its TTL
   is taken from the minimum of the SOA.MINIMUM field and SOA's TTL.

f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Plymouth: Southerly 4 or 5 becoming variable 3 or 4. Slight or moderate. Rain
or drizzle, fog patches. Moderate or good, occasionally very poor.

More information about the Unbound-users mailing list