Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Register
  • Sign in
  • BIND BIND
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 634
    • Issues 634
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 89
    • Merge requests 89
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • ISC Open Source ProjectsISC Open Source Projects
  • BINDBIND
  • Merge requests
  • !1591

Use nonzero SOA MINIMUM for nxdomain-redirect zone

  • Review changes

  • Download
  • Patches
  • Plain diff
Closed Michał Kępień requested to merge michal/use-nonzero-soa-minimum-for-nxdomain-redirect-zone into master Mar 04, 2019
  • Overview 7
  • Commits 1
  • Pipelines 1
  • Changes 1

In the "redirect" system test, in order to determine responses to queries that would normally result in an NXDOMAIN response, ns4 must resolve records in the "redirect" zone (served by ns3). If the "redirect" zone has its SOA MINIMUM field set to 0, ns3 will return negative responses coming from that zone with a TTL of 0. This may trigger false positives for the second nonexist/TXT check in the "redirect" system test: if ns4 resumes from recursion at a different Unix timestamp than the one at which it received the NODATA response from ns3, ns4 will return an NXDOMAIN response to dig instead of the expected NODATA one (because the cached NODATA response would no longer be eligible for being used in a response). Set SOA MINIMUM for the "redirect" zone on ns3 to 300 seconds, so that it matches the TTL of positive responses coming from that zone.

The problem described above does not apply to the first nonexist/TXT check in the "redirect" system test as it employs a "type redirect;" zone, i.e. does not involve recursion.

Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: michal/use-nonzero-soa-minimum-for-nxdomain-redirect-zone