I setup a local zone example.com and set the default ttl to 86400. Use unbound as the recursive server and config a stub_zone example.com address to the local server setup above. When I dig example.com soa, I got the following answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38345 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 2 ;; QUESTION SECTION: ;example.com. IN SOA ;; ANSWER SECTION: example.com. 86400 IN SOA NS1.example.com. root.example.com. 2010091701 3600 900 604800 3600 ;; AUTHORITY SECTION: example.com. 86400 IN NS NS2.demo.example.com. example.com. 86400 IN NS NS1.example.com. example.com. 86400 IN NS NS3.noexist.cn. ;; ADDITIONAL SECTION: NS1.example.com. 86400 IN A 10.53.0.2 NS2.demo.example.com. 86400 IN A 218.241.108.15 Then I dig noexist.example.com a, I got this: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20213 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;noexist.example.com. IN A ;; AUTHORITY SECTION: example.com. 3600 IN SOA NS1.example.com. root.example.com. 2010091701 3600 900 604800 3600 Both of the above results seem to be fine, but when I dig noexist.example.com again, the ttl of the soa record changed: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59999 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;noexist.example.com. IN A ;; AUTHORITY SECTION: example.com. 86292 IN SOA NS1.example.com. root.example.com. 2010091701 3600 900 604800 3600 Anybody experienced the same thing as me? Whether the second answer should use the original ttl of the soa record? _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
