Discussion:
Understanding TTL in "rndc dumpdb"-output
Tom
2018-10-22 15:16:49 UTC
Hi

After querying my resolver for "testbla11.example.com", I receive an
NXDOMAIN response with a minimum-ttl (in the soa) of 3600.
When I afterwards dump the cache of my resolver (9.12.2-P1) with "rndc
dumpdb" and look for the negative ttl, then a value much bigger than
3600 is shown (608363):
# grep testbla /var/named/data/named_dump.db
testbla11.example.com. 608363 \-ANY ;-$NXDOMAIN

This number decrements every second.

What is this number? The same behavior for positive answers too. The
A-record for "www.google.com" has a TTL of 300 seconds. In the "rndc
dumpdb"-output I have a value of 605082.

Any hints?
Thank you.

Kind regards,
Tom
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Michał Kępień
2018-10-23 08:25:01 UTC
> After querying my resolver for "testbla11.example.com", I receive an NXDOMAIN
> response with a minimum-ttl (in the soa) of 3600.
> When I afterwards dump the cache of my resolver (9.12.2-P1) with "rndc
> dumpdb" and look for the negative ttl, then a value much bigger than 3600 is
> # grep testbla /var/named/data/named_dump.db
> testbla11.example.com. 608363 \-ANY ;-$NXDOMAIN
> This number decrements every second.
> What is this number? The same behavior for positive answers too. The
> A-record for "www.google.com" has a TTL of 300 seconds. In the "rndc
> dumpdb"-output I have a value of 605082.

This happens due to the serve-stale feature being available in BIND 9.12
and later, with max-stale-ttl set to 604800 by default (note that this
does *not* mean serving stale answers is enabled by default). The TTLs
you are seeing in the cache dump essentially indicate how much longer
any given record will be kept in the cache database. The serve-stale
"offset" is indicated in a comment near the top of the dump; I am fairly
sure it will say "; using a 604800 second stale ttl" in your case.
--
Best regards,
Michał Kępień
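
The offset described in the reply above can be backed out of a dump mechanically. The following is an added example, not part of the original thread or of BIND: it reads the "; using a N second stale ttl" comment and subtracts N from each dumped TTL. It assumes that "dumped TTL minus offset" is the time left before the record's own TTL expires, and that a dumped value at or below the offset marks a record already past that TTL. The sample dump is constructed; only the two TTL values 608363 and 605082 come from the thread, and the addresses and the `old.example.com.` entry are made up.

```python
import re

# Comment line near the top of the dump that states the serve-stale offset.
STALE_RE = re.compile(r"^;\s*using a (\d+) second stale ttl")
# Owner name (absent on continuation lines), TTL, optional class, type.
RECORD_RE = re.compile(r"^(\S+)?\s+(\d+)\s+(?:IN\s+)?(\S+)")

# Constructed sample in the shape of named_dump.db.
SAMPLE_DUMP = """\
; Cache dump of view '_default' (cache _default)
;
; using a 604800 second stale ttl
$DATE 20181022151649
testbla11.example.com. 608363 \\-ANY ;-$NXDOMAIN
www.google.com. 605082 A 192.0.2.10
old.example.com. 1200 A 192.0.2.20
"""

def fresh_ttls(dump_text):
    """Return (offset, rows); each row is
    (owner, rtype, dumped_ttl, remaining_ttl, is_stale)."""
    offset, owner, rows = 0, None, []
    for line in dump_text.splitlines():
        m = STALE_RE.match(line)
        if m:
            offset = int(m.group(1))
            continue
        if not line.strip() or line.startswith((";", "$")):
            continue  # comments, blank lines, $DATE and similar directives
        m = RECORD_RE.match(line)
        if not m:
            continue
        owner = m.group(1) or owner  # continuation lines reuse the last owner
        dumped = int(m.group(2))
        remaining = dumped - offset  # assumption: offset is added to every TTL
        rows.append((owner, m.group(3), dumped, max(remaining, 0), remaining <= 0))
    return offset, rows

if __name__ == "__main__":
    offset, rows = fresh_ttls(SAMPLE_DUMP)
    print(f"stale offset: {offset}")
    for owner, rtype, dumped, remaining, stale in rows:
        state = "stale" if stale else f"{remaining}s left"
        print(f"{owner:<26} {rtype:<6} dumped={dumped:<7} {state}")
```
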
Tom
2018-10-24 04:34:11 UTC
Hi Michal
Thank you for this feedback.

I've checked the serve-stale status, which is currently off.
# rndc serve-stale status
_default: off (stale-answer-ttl=1 max-stale-ttl=604800)
_bind: off (stale-answer-ttl=1 max-stale-ttl=604800)

Is this a normal behavior, that in the "rndc dumpdb" nevertheless the
TTL in the form of "serve-stale" is shown (even if the
serve-stale-status = off)?

Thank you.
Tom
Michał Kępień
2018-10-24 10:18:01 UTC
Post by Tom
> I've checked the serve-stale status, which is currently off.
> # rndc serve-stale status
> _default: off (stale-answer-ttl=1 max-stale-ttl=604800)
> _bind: off (stale-answer-ttl=1 max-stale-ttl=604800)
> Is this a normal behavior, that in the "rndc dumpdb" nevertheless the TTL in
> the form of "serve-stale" is shown (even if the serve-stale-status = off)?

Yes, this is normal.

Once again (please take another look at the parenthesized part of my
previous response), max-stale-ttl is separate from stale-answer-enable.
--
Best regards,
Michał Kępień