This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[dns-wg] Updating RIPE 203

Previous message (by thread): [dns-wg] Updating RIPE 203
Next message (by thread): [dns-wg] Updating RIPE 203

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Carsten Strotmann carsten at strotmann.de
Mon Aug 14 09:17:55 CEST 2017

Hello Paul,

Paul Hoffman writes:

> On 11 Aug 2017, at 5:40, Carsten Strotmann wrote:
>
>> The original SOA values for RIPE 203:
>>
>> example.com.  3600  SOA  dns.example.com. hostmaster.example.com. (
>>                          1999022301   ; serial YYYYMMDDnn
>>                          86400        ; refresh (  24 hours)
>>                          7200         ; retry   (   2 hours)
>>                          3600000      ; expire  (1000 hours)
>>                          172800 )     ; minimum (   2 days)
>>
>> the new proposed and updated values
>>
>> $TTL 3600
>> example.com.  3600  SOA  dns.example.com. hostmaster.example.com. (
>>                          2017080101   ; serial YYYYMMDDnn
>>                          7200         ; refresh              (   2 
>> hours)
>>                          1800         ; retry                (  30 
>> minutes)
>>                          3600000      ; expire               (1000 
>> hours)
>>                          3600 )       ; minimum/negative TTL (   1 
>> hour)
>>
>
> The new values seem fine, and should not cause strain to an 
> authoritative server unless the zone's number of NXDOMAIN queries is 
> massively mis-matched with the capabilities of the server.
>
> Dropping the retry value down further seems reasonable, maybe to 5 
> minutes. You always want your secondaries to have fresh data. If you 
> have secondaries that are having problems contacting you, you have an 
> operational problem. Maybe add some text to the new version explaining 
> why this number is lower and suggesting that the watch the logs on their 
> secondaries for failures to refresh.

We'll consider this. Care must be taken that once a server is not
reachable because of too much traffic, a too low RETRY value might make
things worse. But I agree it is preferrable to have fast recovery.

>
> The idea of matching the negative TTL to the SOA TTL makes good sense, 
> and certainly is better than having a huge negative TTL.
>
> Adding the "$TTL 3600" is a great addition. If you can add text about 
> the semantic differences between the three 3600 values, that would be 
> very useful.
>

Yes, good point, I will write some info about the different TTL values
in the document.

Best regards

Carsten Strotmann

Previous message (by thread): [dns-wg] Updating RIPE 203
Next message (by thread): [dns-wg] Updating RIPE 203

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ dns-wg Archives ]