TOC |
|
By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”
The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.
This Internet-Draft will expire on February 27, 2009.
Provide a method for slave DNS servers to honour the SOA EXPIRE field as if they were always transferring from the master, even when using other slaves to perform indirect transfers and refresh queries.
1.
Introduction
1.1.
Reserved Words
2.
Expire EDNS option
3.
Slave Behaviour
4.
IANA Considerations
5.
Security Considerations
6.
Normative References
§
Author's Address
§
Intellectual Property and Copyright Statements
TOC |
The expire field of a DNS zone's SOA record [RFC 1035] (Mockapetris, P., “DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION,” November 1987.) is supposed to indicate when a slave server shall discard the contents of the zone when it has been unable to contact the master [RFC 1034] (Mockapetris, P., “DOMAIN NAMES - CONCEPTS AND FACILITIES,” November 1987.). Current practice works when all the slaves contact the master directly to perform refresh queries and zone transfers.
While slaves are expected to be able to transfer from other slaves for robustness reasons as well as reachability constraints, there was no mechanism provided to preserve the expiry behaviour when using a slave. Slaves instead have to know whether they were talking directly to the master or another slave, and use that to decide whether to update the expiry timer or not. This however fails to take into account delays in transferring from one slave to another.
There are also zone transfer graphs in which the slave never talks to the master, so the effective expiry period becomes multiplied the length of the zone transfer graph--which when it contains loops is infinite.
This document provides a mechanism to preserve the expiry behaviour regardless of what zone transfer graph is constructed or whether the slave is talking to the master or another slave.
TOC |
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC 2119] (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.).
TOC |
The EDNS [RFC 2671] (Vixie, P., “Extension Mechanisms for DNS (EDNS0),” August 1999.) EXPIRE option has the value <TBD>. The EDNS EXPIRE option MAY be set on any QUERY, though usually this is only done on SOA, AXFR and IXFR queries involved in zone maintenance. This is done by adding a zero length EDNS EXPIRE option to the options field of the OPT record when the query is made.
When the query is directed to the master server for the zone, the response will be a EDNS EXPIRE option of length 4 containing the current value of the SOA EXPIRE field, in network order. When the query is directed to a slave server for the zone, then the response will be an EDNS EXPIRE option of length 4 containing the value of the the EXPIRE timer, in network order.
If an EDNS EXPIRE option is sent to a server that is not authoritative for the zone then there will be no EDNS EXPIRE option added to the response.
TOC |
When a slave server performs a zone transfer request or performs a zone refresh query it SHALL add an EDNS EXPIRE option to the query message.
If a slave receives an EDNS EXPIRE option in its response to a SOA query, it SHALL update its expire timer to be the maximum of the value returned in the EDNS EXPIRE option and its current value. Similarly, if a slave receives an EDNS EXPIRE option in its response to an IXFR query which indicated the slave is up to date (serial matches current serial) the slave SHALL update the expire timer to be the maximum of the value returned in the EXPIRE EDNS option and its current value.
If the zone is transferred or updated as the result of a AXFR or IXFR query and there is a EDNS EXPIRE option with the response then the value of the EDNS EXPIRE option SHOULD be used instead of that of the SOA EXPIRE field to initialise the expire timer.
In all cases, if the value of SOA EXPIRE field is less than the value of the EDNS EXPIRE option, then the value of SOA EXPIRE field MUST be used and MUST be treated as a maximum when updating or initialising the expire timer.
TOC |
IANA is requested to assign a EDNS option code point.
TOC |
The EDNS EXPIRE option exposes how long the slaves have been out of communication with the master server. This is not believed to be a problem and may provide some benefit to monitoring systems.
TOC |
[RFC 1034] | Mockapetris, P., “DOMAIN NAMES - CONCEPTS AND FACILITIES,” STD 13, RFC 1034, November 1987. |
[RFC 1035] | Mockapetris, P., “DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION,” STD 13, RFC 1035, November 1987. |
[RFC 2119] | Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” BCP 14, RFC 2119, March 1997. |
[RFC 2671] | Vixie, P., “Extension Mechanisms for DNS (EDNS0),” RFC 2671, August 1999. |
TOC |
Mark P. Andrews | |
Internet Systems Consortium | |
950 Charter Street | |
Redwood City, CA 94063 | |
US | |
Email: | Mark_Andrews@isc.org |
TOC |
Copyright © The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an “AS IS” basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.