Re: [sipX-dev] In generated DNS zone file, the SOA "expire" time is much too small

Wed, 28 Apr 2010 12:32:02 -0700 

On Wed, 2010-04-28 at 15:05 -0400, Worley, Dale R (Dale) wrote:
> Looking at a problem a user had, I see that the DNS zone file that we 
> automatically generate has an "expire" time that is the same as the "refresh" 
> time.  In the user's example:
> 
> IN .
> $TTL 1800       ; 30 minutes
> mysipdomain.it         IN SOA  ns1.mysipdomain.it. root.mysipdomain.it. (
>                                 2010042303 ; serial
>                                 1800       ; refresh (30 minutes)
>                                 1800       ; retry (30 minutes)
>                                 1800       ; expire (30 minutes)
>                                 1800       ; minimum (30 minutes)
>                                 )
> 
> This means that if a DNS secondary cannot contact the DNS primary every 30 
> minutes, it will give up on providing answers for the domain.
> 
> Looking at RFC 1912, Common DNS Operational and Configuration Errors, I see 
> this advice:
> 
>       Expire: How long a secondary will still treat its copy of the zone
>           data as valid if it can't contact the primary.  This value
>           should be greater than how long a major outage would typically
>           last, and must be greater than the minimum and retry
>           intervals, to avoid having a secondary expire the data before
>           it gets a chance to get a new copy.  After a zone is expired a
>           secondary will still continue to try to contact the primary,
>           but it will no longer provide nameservice for the zone.  2-4
>           weeks are suggested values.
> 
> This suggests the generated expire value should be at least 2 weeks.
> 
> The template for the DNS zone file appears to be 
> sipXcommserverLib/bin/sipx-dns.in.  I think we should change the template for 
> the SOA record to:
> 
> generate_zone_header () {
>     ZoneSerialNumber=`date +%Y%m%d${SerialNumber}`
>     cat <<EOF
> \$TTL 1800
> @       IN     SOA    ns1.${SipDomain}. root.${SipDomain}. (
>                        ${ZoneSerialNumber} ; serial#
>                        1800            ; refresh, seconds
>                        1800            ; retry, seconds
>                        1209600         ; expire, seconds
>                        1800 )          ; minimum TTL, seconds
> EOF
> }
> 
> (1209600 seconds = 2 weeks)
> 
> Thoughts?

+1

_______________________________________________
sipx-dev mailing list [email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev
sipXecs IP PBX -- http://www.sipfoundry.org/

Reply via email to