Re: [DNSOP] valid value range for SOA REFRESH/RETRY/EXPIRE

[神明達哉]

At Fri, 18 Oct 2019 10:49:40 +1100,
Mark Andrews  wrote:

> > > > one obvious interpretation is that REFRESH/RETRY/EXPIRE are signed
32
> > > > bit integers.
> > >
> > > They are all intervals.  How do you have a negative interval?
> >
> > I actually didn't expect they can be negative.  My main question is
> > whether values larger than 2^31-1 should be considered valid.
>
> Well they are in range.

I was not sure if they are really "in range".  If the RFC explicitly
says "*unsigned* 32-bit time interval", yes, but with the lack of
"unsigned" (while explicitly using "unsigned" for SERIAL and MINIMUM)
it seemed ambiguous.  That's why I asked the question in the first
place.

> That said slaves can and do apply sanity
> checks to these values.  Both too low and too high cause operational
> problems.

Agreed, I already noted essentially the same point in my first message.

Anyway, my interpretation of the responses so far (or the lack of
thereof) is that no one knows (or cares about) the exact range (per
protocol standard) for these parameters.  That's not the best result I
wished to see, but at least it looks like I didn't miss anything
obvious for others.

--
JINMEI, Tatuya
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

[DNSOP] Save the date: ICANN DNS Symposium (IDS) 2020

[Matt Larson]

[cid:2C03D4CD-467D-4E8D-8041-FCA94EDEECEB]

Dear colleagues,

It is my pleasure to invite you to save the date for our fourth ICANN DNS 
Symposium (IDS 2020), to be held 7-8 May 2020 in 
Paris, France at the Paris Marriott Rive Gauche Hotel & Conference 
Center
 hotel. IDS 2020 is co-locating with the fifth GDD Industry 
Summit (3-6 May 2020), the Registration 
Operations Workshop (6 May) and the OARC 
33 workshop (9-10 May) hosted by 
DNS-OARC.

The theme for the ICANN DNS Symposium (IDS) 2020 is: "DNS ecosystem security: 
we're all in this together". As the DNS protocol and its ecosystem have 
matured, the risk tradeoffs and threat landscape have evolved with it. IDS 2020 
will focus on measurements and mitigation measures driven by continued progress 
led by community work.

The first day will focus on measurements and statistics of all aspects of the 
DNS ecosystem. We expect to cover topics of interest for people from Internet 
service provider communities to application developers, and folks with 
registrar, registries, registrants and user perspectives.

The second day of the IDS will focus on changes in technology, protocols and 
operations, and the effects those changes have on the DNS for good or ill..

A call for presentations will be posted early next year. Visit 
https://www.icann.org/ids for more information on the venue and previous IDS 
events.

Thanks, and we hope to see you there!

Matt
--
Matt Larson, VP of Research
ICANN Office of the CTO

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] valid value range for SOA REFRESH/RETRY/EXPIRE

[Kevin Darcy]

[ Classification Level: PUBLIC ]

Sorry, I misread the thread. I thought it was for all values in the SOA.
RFC 1982 is specific to only the serial, not relevant to
REFRESH/RETRY/EXPIRE.

Not enough caffeine...

   - Kevin

On Fri, Oct 18, 2019 at 11:28 AM Kevin Darcy 
wrote:

> [ Classification Level: PUBLIC ]
>
> Apologies if this sounds condescending, but I haven't seen RFC 1982
> mentioned in this thread so far.
>
> While that RFC may not be the last word on the acceptable values of
> SOA.SERIAL, in normal operation, it does contain some advice on how to
> effectuate (or avoid) a "reset" of a zone's serial.
>
>
> - Kevin
>
> On Thu, Oct 17, 2019 at 7:49 PM Mark Andrews  wrote:
>
>>
>>
>> > On 18 Oct 2019, at 10:46 am, 神明達哉  wrote:
>> >
>> > At Fri, 18 Oct 2019 10:25:29 +1100,
>> > Mark Andrews  wrote:
>> >
>> > > > one obvious interpretation is that REFRESH/RETRY/EXPIRE are signed
>> 32
>> > > > bit integers.
>> > >
>> > > They are all intervals.  How do you have a negative interval?
>> >
>> > I actually didn't expect they can be negative.  My main question is
>> > whether values larger than 2^31-1 should be considered valid.
>>
>> Well they are in range.  That said slaves can and do apply sanity
>> checks to these values.  Both too low and too high cause operational
>> problems.
>>
>> Mark
>>
>> > --
>> > JINMEI, Tatuya
>>
>> --
>> Mark Andrews, ISC
>> 1 Seymour St., Dundas Valley, NSW 2117, Australia
>> PHONE: +61 2 9871 4742  INTERNET: ma...@isc.org
>>
>> ___
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
>>
>
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] valid value range for SOA REFRESH/RETRY/EXPIRE

[Kevin Darcy]

[ Classification Level: PUBLIC ]

Apologies if this sounds condescending, but I haven't seen RFC 1982
mentioned in this thread so far.

While that RFC may not be the last word on the acceptable values of
SOA.SERIAL, in normal operation, it does contain some advice on how to
effectuate (or avoid) a "reset" of a zone's serial.


  - Kevin

On Thu, Oct 17, 2019 at 7:49 PM Mark Andrews  wrote:

>
>
> > On 18 Oct 2019, at 10:46 am, 神明達哉  wrote:
> >
> > At Fri, 18 Oct 2019 10:25:29 +1100,
> > Mark Andrews  wrote:
> >
> > > > one obvious interpretation is that REFRESH/RETRY/EXPIRE are signed 32
> > > > bit integers.
> > >
> > > They are all intervals.  How do you have a negative interval?
> >
> > I actually didn't expect they can be negative.  My main question is
> > whether values larger than 2^31-1 should be considered valid.
>
> Well they are in range.  That said slaves can and do apply sanity
> checks to these values.  Both too low and too high cause operational
> problems.
>
> Mark
>
> > --
> > JINMEI, Tatuya
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742  INTERNET: ma...@isc.org
>
> ___
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop