[RSSAC Caucus] Curious difference in glue TTL for root servers
Wessels, Duane
dwessels at verisign.com
Thu Jun 18 22:34:40 UTC 2020
My guess is that some implementations take the glue from the root zone and some take it from the root-servers.net zone (which has the 3600000 TTL).
DW
> On Jun 18, 2020, at 3:26 PM, Mukund Sivaraman <muks at mukund.org> wrote:
>
> There's a difference in the TTL of glue records returned in a priming
> query from different root servers. There's nothing wrong with a
> nameserver lowering the TTL in a response [RFC2181], but it's an
> observable difference in behavior. Perhaps some DNS implementation is
> clamping the glue to TTLs of the NS records. Both TTLs are observed on
> multiple root server letters respectively.
>
> [muks at jurassic ~]$ dig +nord +short @l.root-servers.net root-servers.net soa
> a.root-servers.net. nstld.verisign-grs.com. 2020060800 14400 7200 1209600 3600000
> [muks at jurassic ~]$ dig +nord @l.root-servers.net . ns
>
> ; <<>> DiG 1.1.1.20200608151533.e8a2352e96 <<>> +nord @l.root-servers.net . ns
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26630
> ;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;. IN NS
>
> ;; ANSWER SECTION:
> . 518400 IN NS a.root-servers.net.
> . 518400 IN NS b.root-servers.net.
> . 518400 IN NS c.root-servers.net.
> . 518400 IN NS d.root-servers.net.
> . 518400 IN NS e.root-servers.net.
> . 518400 IN NS f.root-servers.net.
> . 518400 IN NS g.root-servers.net.
> . 518400 IN NS h.root-servers.net.
> . 518400 IN NS i.root-servers.net.
> . 518400 IN NS j.root-servers.net.
> . 518400 IN NS k.root-servers.net.
> . 518400 IN NS l.root-servers.net.
> . 518400 IN NS m.root-servers.net.
>
> ;; ADDITIONAL SECTION:
> a.root-servers.net. 518400 IN A 198.41.0.4
> b.root-servers.net. 518400 IN A 199.9.14.201
> c.root-servers.net. 518400 IN A 192.33.4.12
> d.root-servers.net. 518400 IN A 199.7.91.13
> e.root-servers.net. 518400 IN A 192.203.230.10
> f.root-servers.net. 518400 IN A 192.5.5.241
> g.root-servers.net. 518400 IN A 192.112.36.4
> h.root-servers.net. 518400 IN A 198.97.190.53
> i.root-servers.net. 518400 IN A 192.36.148.17
> j.root-servers.net. 518400 IN A 192.58.128.30
> k.root-servers.net. 518400 IN A 193.0.14.129
> l.root-servers.net. 518400 IN A 199.7.83.42
> m.root-servers.net. 518400 IN A 202.12.27.33
> a.root-servers.net. 518400 IN AAAA 2001:503:ba3e::2:30
> b.root-servers.net. 518400 IN AAAA 2001:500:200::b
> c.root-servers.net. 518400 IN AAAA 2001:500:2::c
> d.root-servers.net. 518400 IN AAAA 2001:500:2d::d
> e.root-servers.net. 518400 IN AAAA 2001:500:a8::e
> f.root-servers.net. 518400 IN AAAA 2001:500:2f::f
> g.root-servers.net. 518400 IN AAAA 2001:500:12::d0d
> h.root-servers.net. 518400 IN AAAA 2001:500:1::53
> i.root-servers.net. 518400 IN AAAA 2001:7fe::53
> j.root-servers.net. 518400 IN AAAA 2001:503:c27::2:30
> k.root-servers.net. 518400 IN AAAA 2001:7fd::1
> l.root-servers.net. 518400 IN AAAA 2001:500:9f::42
> m.root-servers.net. 518400 IN AAAA 2001:dc3::35
>
> ;; Query time: 33 msec
> ;; SERVER: 199.7.83.42#53(199.7.83.42)
> ;; WHEN: Fri Jun 19 03:52:09 IST 2020
> ;; MSG SIZE rcvd: 811
>
> [muks at jurassic ~]$ dig +nord +short @m.root-servers.net root-servers.net soa
> a.root-servers.net. nstld.verisign-grs.com. 2020060800 14400 7200 1209600 3600000
> [muks at jurassic ~]$ dig +nord @m.root-servers.net . ns
>
> ; <<>> DiG 1.1.1.20200608151533.e8a2352e96 <<>> +nord @m.root-servers.net . ns
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45391
> ;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;. IN NS
>
> ;; ANSWER SECTION:
> . 518400 IN NS d.root-servers.net.
> . 518400 IN NS g.root-servers.net.
> . 518400 IN NS i.root-servers.net.
> . 518400 IN NS l.root-servers.net.
> . 518400 IN NS j.root-servers.net.
> . 518400 IN NS f.root-servers.net.
> . 518400 IN NS c.root-servers.net.
> . 518400 IN NS b.root-servers.net.
> . 518400 IN NS m.root-servers.net.
> . 518400 IN NS a.root-servers.net.
> . 518400 IN NS e.root-servers.net.
> . 518400 IN NS k.root-servers.net.
> . 518400 IN NS h.root-servers.net.
>
> ;; ADDITIONAL SECTION:
> a.root-servers.net. 3600000 IN A 198.41.0.4
> b.root-servers.net. 3600000 IN A 199.9.14.201
> c.root-servers.net. 3600000 IN A 192.33.4.12
> d.root-servers.net. 3600000 IN A 199.7.91.13
> e.root-servers.net. 3600000 IN A 192.203.230.10
> f.root-servers.net. 3600000 IN A 192.5.5.241
> g.root-servers.net. 3600000 IN A 192.112.36.4
> h.root-servers.net. 3600000 IN A 198.97.190.53
> i.root-servers.net. 3600000 IN A 192.36.148.17
> j.root-servers.net. 3600000 IN A 192.58.128.30
> k.root-servers.net. 3600000 IN A 193.0.14.129
> l.root-servers.net. 3600000 IN A 199.7.83.42
> m.root-servers.net. 3600000 IN A 202.12.27.33
> a.root-servers.net. 3600000 IN AAAA 2001:503:ba3e::2:30
> b.root-servers.net. 3600000 IN AAAA 2001:500:200::b
> c.root-servers.net. 3600000 IN AAAA 2001:500:2::c
> d.root-servers.net. 3600000 IN AAAA 2001:500:2d::d
> e.root-servers.net. 3600000 IN AAAA 2001:500:a8::e
> f.root-servers.net. 3600000 IN AAAA 2001:500:2f::f
> g.root-servers.net. 3600000 IN AAAA 2001:500:12::d0d
> h.root-servers.net. 3600000 IN AAAA 2001:500:1::53
> i.root-servers.net. 3600000 IN AAAA 2001:7fe::53
> j.root-servers.net. 3600000 IN AAAA 2001:503:c27::2:30
> k.root-servers.net. 3600000 IN AAAA 2001:7fd::1
> l.root-servers.net. 3600000 IN AAAA 2001:500:9f::42
> m.root-servers.net. 3600000 IN AAAA 2001:dc3::35
>
> ;; Query time: 104 msec
> ;; SERVER: 202.12.27.33#53(202.12.27.33)
> ;; WHEN: Fri Jun 19 03:51:46 IST 2020
> ;; MSG SIZE rcvd: 811
>
> [muks at jurassic ~]$
>
> Mukund
> _______________________________________________
> rssac-caucus mailing list
> rssac-caucus at icann.org
> https://secure-web.cisco.com/1VMGhS4FLagiiJzOBsS2eR_PeLSC9ab0jLxn0Wb50EOVQBZDHk3RX1BgISSjOkdeoW3Yb-OcMIM5ujqJcG5f69eMQf_aq1-O8ixs0b7_-JlMHZr2qrlkLi5BVOqYow_BHqP3eGU-O6d-zeoEVSAxOAMlVdg-JoM1MnQhJvazW_g-93N-ds9UaTygJw4wXNdJsXmX_sy2IqdX4PsBYve1j16LKorLCuEL4WBWB6VHzOwITS7A14K-2uRVCa2mbtdokEv4Dd-86yV097logpUnAgw/https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Frssac-caucus
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://secure-web.cisco.com/1unE8RKvmE0495psGjK7onXoVtKIu1ke1lqJewPoLq2K_qyZhVAiXFDAUbVSoZXxcJHxzACwEMCmE6oNoHBrJjVeQH3Fou12hN2t8U9s5evgxJlHsZfKHlLTP0iPVaAbxC202zRdp3F9HOw22PqRvyJBOWSDA-BmCgRGYFadpswX_-RiSgMpA6kfeROzQ-9bGQm4a40tUhZMLL2zpxjYNG-3fvmFU7a4LNFzVaYaeaRhD8jub1iDgZZNxqQ9zYMDWcEEBfGX4Qd3j8N3yWBz5-w/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Fpolicy) and the website Terms of Service (https://secure-web.cisco.com/1fHBRgZrLRRzXakVdjkKKJ1oa9gRMgRxSEhWaUWuyaCq_i-BluLcxrHL9ZgdicXlcVj35NsuU2P4ca03lyPsrf0BEmlY6nhXGHhWL7Ydvc7fTk1fyf34iOGiXw4W6xWysob7t7pLPjbyR4WAqfmpYtxcbsu23pO78S-UrHGDEPfgPEqjqljMY8XaoZGZI-T6mxgHTCHDY06YNTHzBAUjct9tOMIGIGud8PARzYOGuaOVdPOOPDhLAExRwsqoktjLKL7x7bpzI41QfurEw1N3znw/https%3A%2F%2Fwww.icann.org%2Fprivacy%2Ftos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4695 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/rssac-caucus/attachments/20200618/f2cf289f/smime.p7s>
More information about the rssac-caucus
mailing list