Negative caching on DNS

Today I have increased the SOA minimum TTL value to increase my negative caching period, but I have seen that no DNS server respects my change :) Here are two different results:

From Google server 8.8.8.8:

[root@tux1 ~]# dig test.rtoodtoo.net

; <<>> DiG 9.7.4b1-RedHat-9.7.4-0.3.b1.fc14 <<>> test.rtoodtoo.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29540
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;test.rtoodtoo.net. IN A

;; AUTHORITY SECTION:
rtoodtoo.net. 1800 IN SOA ns1.rtoodtoo.com. hostmaster.rtoodtoo.com. 2012032202 10800 900 1814400 86400

;; Query time: 1432 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Mar 22 21:28:39 2012
;; MSG SIZE  rcvd: 98

From another cache server:

tux2:/etc/bind# dig test.rtoodtoo.net

; <<>> DiG 9.6-ESV-R4 <<>> test.rtoodtoo.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29364
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;test.rtoodtoo.net. IN A

;; AUTHORITY SECTION:
rtoodtoo.net. 10800 IN SOA ns1.rtoodtoo.com. hostmaster.rtoodtoo.com. 2012032202 10800 900 1814400 86400

;; Query time: 9 msec
;; SERVER: 193.25.114.2#53(193.25.114.2)
;; WHEN: Thu Mar 22 21:16:22 2012
;; MSG SIZE  rcvd: 98

What does this really mean? I thought there must be a limitation somewhere, so I checked RFC 2308 (Negative Caching of DNS Queries), but I don't see any limitation. Although the BIND documentation at zytrax.com says the maximum value allowed by the RFC is 3 hours, I couldn't find any text saying this :( I will dig later when I have more time...
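An added example, not part of the original post: it parses the SOA line from the AUTHORITY section of dig output like the two answers above and measures how far the TTL a cache returned falls below the SOA MINIMUM field. RFC 2308 section 5 sets the negative TTL to the minimum of the SOA's own TTL and its MINIMUM field, and BIND additionally caps negative caching with its max-ncache-ttl option (default 10800 seconds); that the second cache is BIND running with that default is an assumption.

```python
import re
from typing import NamedTuple, Optional

# BIND's documented default for the max-ncache-ttl option, in seconds (3 hours).
BIND_DEFAULT_MAX_NCACHE_TTL = 10800

class Soa(NamedTuple):
    zone: str
    ttl: int      # TTL on the SOA as returned in the AUTHORITY section
    minimum: int  # last SOA field: the negative-caching TTL (RFC 2308)

SOA_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SOA\s+\S+\s+\S+((?:\s+\d+){5})\s*$")

def parse_soa(dig_output: str) -> Optional[Soa]:
    """Return the first SOA record found in dig output, or None if absent."""
    for line in dig_output.splitlines():
        m = SOA_RE.match(line.strip())
        if m:
            return Soa(m.group(1), int(m.group(2)), int(m.group(3).split()[-1]))
    return None

def negative_ttl(soa_ttl: int, minimum: int, cap: Optional[int] = None) -> int:
    """RFC 2308 section 5: min(SOA TTL, SOA MINIMUM); a cache may cap it lower."""
    ttl = min(soa_ttl, minimum)
    return ttl if cap is None else min(ttl, cap)

def clamped_by(soa: Soa) -> int:
    """Seconds by which the TTL a cache returned falls short of SOA MINIMUM.
    A cached answer also counts down, so this is an upper bound on any cap."""
    return max(0, soa.minimum - soa.ttl)

# The two AUTHORITY lines from the dig output above.
GOOGLE = ("rtoodtoo.net. 1800 IN SOA ns1.rtoodtoo.com. hostmaster.rtoodtoo.com. "
          "2012032202 10800 900 1814400 86400")
OTHER = ("rtoodtoo.net. 10800 IN SOA ns1.rtoodtoo.com. hostmaster.rtoodtoo.com. "
         "2012032202 10800 900 1814400 86400")

if __name__ == "__main__":
    for name, text in (("8.8.8.8", GOOGLE), ("193.25.114.2", OTHER)):
        soa = parse_soa(text)
        print(f"{name}: returned TTL {soa.ttl}, SOA MINIMUM {soa.minimum}, "
              f"short by {clamped_by(soa)}s, "
              f"equals BIND default cap: {soa.ttl == BIND_DEFAULT_MAX_NCACHE_TTL}")
```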

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE

