dnsdist cache can send out ttl=0 answers, confusing some clients #7534
The dnsdist cache will decrement the TTL of records for you (unless configured not to). This will currently occasionally lead to TTL=0 answers going out on the wire.
It turns out there are clients that check a certain IP address continuously and will recheck in 'TTL seconds'. Perhaps this is not exactly their behaviour, but on receiving a TTL=0 answer, these devices enter into a tight loop where they keep re-retrieving the IP address until they see a non-zero TTL.
It may be wise for dnsdist to not ever return TTL=0 answers, just to prevent this problem.
Something like this was discussed in this thread on dns-operations: https://lists.dns-oarc.net/pipermail/dns-operations/2019-January/018308.html
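The boundary condition described in this issue, as an added Python sketch that is not dnsdist's code: a cached wire-format response has its record TTLs reduced by the entry's age, and `min_ttl` decides whether a TTL=0 answer can go out. Treating a too-low TTL as a cache miss is one possible policy assumed here; the names `records`, `age_response`, `ttls` and `SAMPLE` are hypothetical.

```python
import struct

# Constructed sample: response for example.com A 192.0.2.1 with TTL 60.
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
          + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
          + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1]))

def skip_name(pkt, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = pkt[off]
        if length == 0:
            return off + 1
        if (length & 0xC0) == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + length

def records(pkt):
    """Yield (ttl_offset, rtype, ttl) for each answer/authority/additional RR."""
    qd, an, ns, ar = struct.unpack_from("!4H", pkt, 4)
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4          # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(pkt, off)
        rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", pkt, off)
        yield off + 4, rtype, ttl
        off += 10 + rdlen

def age_response(pkt, age, min_ttl=1):
    """Subtract `age` seconds from every record TTL of a cached response.

    Returns the rewritten packet, or None (assumed policy: treat the entry
    as a cache miss) when a record would leave with a TTL below `min_ttl`.
    min_ttl=0 allows the TTL=0 answers described in the issue.
    """
    out = bytearray(pkt)
    for ttl_off, rtype, ttl in records(pkt):
        if rtype == 41:    # OPT pseudo-record: TTL field carries EDNS flags
            continue
        left = ttl - age
        if left < min_ttl:
            return None
        struct.pack_into("!I", out, ttl_off, left)
    return bytes(out)

def ttls(pkt):
    """TTLs of all real records in the packet, for inspection."""
    return [ttl for _, rtype, ttl in records(pkt) if rtype != 41]
```
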