I'm reading through the following DNS tutorial and it has this example in it:

    domain.com. IN SOA ns1.domain.com. admin.domain.com. (
        12083 ; serial number
        3h ; refresh interval
        30m ; retry interval
        3w ; expiry period
        1h ; negative TTL
    )

The description for the negative TTL value says this:
1h: This is the amount of time that the name server will cache a name error if it cannot find the requested name in this file.
What are the conditions that could trigger the server to cache a name error like this? An example would be really helpful.

The negative caching interval in the SOA comes into play when an authoritative server indicated that the requested record did not exist. The specific cases are:

- NXDOMAIN.
- NODATA synthetic state, but only forms where a SOA record is present. (NOERROR rcode, 0 answers, 1 SOA record in authority section + optional NS records)

It's common for server software to enforce a locally configured maximum on this value, so even if you have a negative TTL of 86400 the non-existence isn't necessarily going to be cached for that long by remote recursive servers.

The cases are covered by RFC 2308 if you want to read further. Read section 2 as a primer, then 5-6.
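
The cases listed in the answer above, worked through as an added example (not part of the original question or answer). It assumes a simplified `Response` record instead of a real DNS parser, a hypothetical resolver ceiling `local_max`, and constructed sample values; per RFC 2308 section 5 the negative TTL is the smaller of the SOA record's own TTL and its MINIMUM field.

```python
import re
from dataclasses import dataclass

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def parse_ttl(text):
    """Convert zone-file shorthand such as '1h' or '1h30m' to seconds."""
    if text.isdigit():
        return int(text)
    parts = re.findall(r"(\d+)([smhdw])", text.lower())
    if not parts or "".join(n + u for n, u in parts) != text.lower():
        raise ValueError(f"bad TTL: {text!r}")
    return sum(int(n) * UNITS[u] for n, u in parts)

@dataclass
class Response:          # simplified view of a reply from an authoritative server
    rcode: str           # "NOERROR", "NXDOMAIN", ...
    answers: int         # number of records in the answer section
    soa: tuple = None    # (TTL of the SOA record, SOA MINIMUM) if in the authority section
    ns_count: int = 0    # NS records in the authority section (optional for NODATA)

def cacheable_negative(resp):
    """Return 'NXDOMAIN' or 'NODATA', or None if there is nothing to cache negatively."""
    if resp.soa is None:
        return None      # no SOA: a referral, or a negative reply that should not be cached
    if resp.rcode == "NXDOMAIN":
        return "NXDOMAIN"
    if resp.rcode == "NOERROR" and resp.answers == 0:
        return "NODATA"
    return None

def negative_cache_seconds(resp, local_max):
    """min(SOA TTL, SOA MINIMUM), then capped by the resolver's own ceiling."""
    if cacheable_negative(resp) is None:
        return 0
    soa_ttl, soa_minimum = resp.soa
    return min(soa_ttl, soa_minimum, local_max)

if __name__ == "__main__":
    minimum = parse_ttl("1h")                       # negative TTL from the zone in the question
    samples = {                                      # constructed responses
        "missing name": Response("NXDOMAIN", 0, soa=(parse_ttl("3h"), minimum)),
        "name exists, no such type": Response("NOERROR", 0, soa=(1800, minimum), ns_count=2),
        "referral": Response("NOERROR", 0, ns_count=2),
    }
    for label, resp in samples.items():
        print(label, cacheable_negative(resp), negative_cache_seconds(resp, local_max=900))
```
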