Hi Uwe,

On 01/20/2015 09:12 PM, Uwe Kleine-König wrote:
> Hello,
>
> one of the secondary servers for my domains uses nsd (the others
> bind) and there is a strange effect that nsd sends a zero TTL field
> for a certain request while the servers running bind do not.

Yes, it is nicer to send a nonzero TTL to assist caching. Fixed this
for NSD. Thank you for the detailed bug report.

Best regards,
Wouter

> Using Debian's nsd 4.1.0-2 I can reproduce the behavior with the
> following setup:
>
> uwe@perseus:/etc/nsd$ cat nsd.conf
> zone:
>     name: myfirst.zone
>     zonefile: /etc/nsd/zones/myfirst.zone
> zone:
>     name: mysecond.zone
>     zonefile: /etc/nsd/zones/mysecond.zone
>
> uwe@perseus:/etc/nsd$ cat zones/myfirst.zone
> $TTL 86400
> @ IN SOA localhost. hostmaster.myfirst.zone. (
>         2015011201 ; serial
>         14400      ; refresh
>         1800       ; retry
>         604800     ; expire
>         43200 )    ; minimum
> @        IN NS    localhost.
> hostname IN A     78.47.169.190
> www      IN CNAME hostname
>
> uwe@perseus:/etc/nsd$ cat zones/mysecond.zone
> $TTL 86400
> @ IN SOA localhost. hostmaster.myfirst.zone. (
>         2015011202 ; serial
>         14400      ; refresh
>         1800       ; retry
>         604800     ; expire
>         43200 )    ; minimum
> @ IN NS    localhost.
> @ IN DNAME myfirst.zone.
>
> Then the strange TTL value can be seen using the following
> request:
>
> uwe@perseus:/etc/nsd$ dig @localhost www.mysecond.zone
>
> ; <<>> DiG 9.9.5-8-Debian <<>> @localhost www.mysecond.zone
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47941
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 1, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;www.mysecond.zone.              IN      A
>
> ;; ANSWER SECTION:
> mysecond.zone.           86400   IN      DNAME   myfirst.zone.
> www.mysecond.zone.       0       IN      CNAME   www.myfirst.zone.
> www.myfirst.zone.        86400   IN      CNAME   hostname.myfirst.zone.
> hostname.myfirst.zone.   86400   IN      A       78.47.169.190
>
> ;; AUTHORITY SECTION:
> myfirst.zone.            86400   IN      NS      localhost.
>
> ;; Query time: 0 msec
> ;; SERVER: ::1#53(::1)
> ;; WHEN: Tue Jan 20 20:35:01 CET 2015
> ;; MSG SIZE rcvd: 160
>
> The 2nd line in the answer section has a TTL of 0. The zone files
> are cut down a bit and the names are changed, but the real zones
> look similar and the name servers running bind report a TTL of
> 86400 there.
>
> Is this a bug or did I configure anything wrong here? dnsviz.net
> reports this as a warning ("CNAME synthesis of www.mysecond.zone.:
> TTL_ZERO").
>
> Best regards and thanks for your time,
> Uwe
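
The check discussed in this thread, as an added example that is not part of the original messages or of NSD: it scans a dig answer section for CNAMEs synthesized from a DNAME and flags any whose TTL is zero or differs from the DNAME's TTL (RFC 6672 sets the synthesized CNAME's TTL equal to the DNAME's). The sample is the answer section from the report; the `TTL_MISMATCH` label and the function names are assumptions made for this illustration.

```python
# Added example: verify that a CNAME synthesized from a DNAME carries the DNAME's TTL.
# SAMPLE is the ANSWER SECTION copied from the report in this thread.
SAMPLE = """\
mysecond.zone.          86400 IN DNAME myfirst.zone.
www.mysecond.zone.      0     IN CNAME www.myfirst.zone.
www.myfirst.zone.       86400 IN CNAME hostname.myfirst.zone.
hostname.myfirst.zone.  86400 IN A     78.47.169.190
"""

def parse_answer(text):
    """Parse 'owner ttl class type rdata' lines into dicts; skip comments."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue
        owner, ttl, _cls, rtype = fields[:4]
        records.append({"owner": owner.lower(), "ttl": int(ttl),
                        "type": rtype.upper(),
                        "rdata": " ".join(fields[4:]).lower()})
    return records

def check_dname_synthesis(text):
    """Return (owner, code, dname_ttl) for each badly-TTL'd synthesized CNAME."""
    records = parse_answer(text)
    dnames = [r for r in records if r["type"] == "DNAME"]
    findings = []
    for cname in (r for r in records if r["type"] == "CNAME"):
        for dname in dnames:
            suffix = "." + dname["owner"]
            if not cname["owner"].endswith(suffix):
                continue  # CNAME owner is not below this DNAME owner
            # Synthesis replaces the DNAME owner suffix with the DNAME target.
            prefix = cname["owner"][:-len(suffix)]
            if cname["rdata"] != prefix + "." + dname["rdata"]:
                continue  # ordinary CNAME, not synthesized from this DNAME
            if cname["ttl"] == 0:
                findings.append((cname["owner"], "TTL_ZERO", dname["ttl"]))
            elif cname["ttl"] != dname["ttl"]:
                # TTL_MISMATCH is a label made up for this example
                findings.append((cname["owner"], "TTL_MISMATCH", dname["ttl"]))
    return findings

if __name__ == "__main__":
    for owner, code, want in check_dname_synthesis(SAMPLE):
        print(f"{owner}: {code} (DNAME TTL is {want})")
```
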