From unknown Tue Sep 23 09:53:46 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#61485 <61485@debbugs.gnu.org> To: bug#61485 <61485@debbugs.gnu.org> Subject: Status: [PATCH] In knot-service, shorten SOA refresh to maximum recommended in RFC 1912. Reply-To: bug#61485 <61485@debbugs.gnu.org> Date: Tue, 23 Sep 2025 16:53:46 +0000 retitle 61485 [PATCH] In knot-service, shorten SOA refresh to maximum recom= mended in RFC 1912. reassign 61485 guix-patches submitter 61485 Felix Lechner severity 61485 normal tag 61485 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Mon Feb 13 14:00:35 2023 Received: (at submit) by debbugs.gnu.org; 13 Feb 2023 19:00:35 +0000 Received: from localhost ([127.0.0.1]:51621 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pRe42-000488-Kx for submit@debbugs.gnu.org; Mon, 13 Feb 2023 14:00:35 -0500 Received: from lists.gnu.org ([209.51.188.17]:45274) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pRe3w-00047w-ME for submit@debbugs.gnu.org; Mon, 13 Feb 2023 14:00:33 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pRe3k-0002dq-Mb for guix-patches@gnu.org; Mon, 13 Feb 2023 14:00:16 -0500 Received: from sail-ipv4.us-core.com ([208.82.101.137]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256) (Exim 4.90_1) (envelope-from ) id 1pRe3i-00037l-Jn for guix-patches@gnu.org; Mon, 13 Feb 2023 14:00:16 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; s=2017; bh=xvdPZoxsds+2KDT 9DgtzEknV6wZq5MdU4jbZqh+nebw=; h=date:subject:cc:to:from; d=lease-up.com; b=jTZeE4uBRCdFigYIMqkM9VAnILChh5rXPTAiiKbIdwu0PCWwSvNc c8LhTHZ56Zin8ZyYoRkdpOSE9klzXflnKbHF3Nn86WKgodIOyrU8n+0YGeae7ZAhnWefUe +VYguLv12xxCHyf5BCOyfgcxXR69jG2Hd4NsKCIfl1O3aqlLU= Received: by sail-ipv4.us-core.com (OpenSMTPD) with ESMTPSA id 952586bb (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO) for ; Mon, 13 Feb 2023 19:00:06 +0000 (UTC) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id 60d1f0f2; Mon, 13 Feb 2023 19:00:06 +0000 (UTC) From: Felix Lechner To: guix-patches@gnu.org Subject: [PATCH] In knot-service, shorten SOA refresh to maximum recommended in RFC 1912. Date: Mon, 13 Feb 2023 10:59:43 -0800 Message-Id: <20230213185943.31648-1-felix.lechner@lease-up.com> X-Mailer: git-send-email 2.39.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=208.82.101.137; envelope-from=felix.lechner@us-core.com; helo=sail-ipv4.us-core.com X-Spam_score_int: -16 X-Spam_score: -1.7 X-Spam_bar: - X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.1 (-) X-Debbugs-Envelope-To: submit Cc: Felix Lechner X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.1 (--) The Knot DNS service in Guix uses two days, or 48 hours, for the SOA refresh interval but that is outside the range of RFC 1912, which is entitled "Common DNS Operational and Configuration Errors." [1] Section 2.2 of RFC 1912 recommends a maximum of 12 hours for the SOA refresh rate: "You can keep it short (20 mins to 2 hours) if you aren't worried about a small increase in bandwidth used, or longer (2-12 hours) if your Internet connection is slow or is started on demand." This commit sets the default refresh interval at the nearest value recommended by the standard, which is 12 hours. Due to the widespread adoption of NOTIFY messages between primary and secondary DNS servers, the SOA refresh interval has arguably lost some importance, but the Guix default should still be in line with the standards. Values outside the recommended range can provoke warning messages from services commonly used to find bugs in DNS configurations, such as the MX Toolbox Super Tool. [2] [1] https://datatracker.ietf.org/doc/rfc1912/ [2] https://mxtoolbox.com/SuperTool.aspx --- gnu/services/dns.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm index 50753b7ab6..32fb8c0664 100644 --- a/gnu/services/dns.scm +++ b/gnu/services/dns.scm @@ -114,7 +114,7 @@ (define-record-type* (serial zone-file-serial (default 1)) (refresh zone-file-refresh - (default (* 2 24 3600))) + (default (* 12 3600))) (retry zone-file-retry (default (* 15 60))) (expiry zone-file-expiry base-commit: ee69b60426d4f87ea19e32f757f1e7415ae58879 -- 2.39.1 From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 06 03:15:35 2023 Received: (at 61485-done) by debbugs.gnu.org; 6 Mar 2023 08:15:35 +0000 Received: from localhost ([127.0.0.1]:41310 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pZ60N-0003gS-12 for submit@debbugs.gnu.org; Mon, 06 Mar 2023 03:15:35 -0500 Received: from mail.envs.net ([5.199.136.28]:35338) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pZ60K-0003gI-NS for 61485-done@debbugs.gnu.org; Mon, 06 Mar 2023 03:15:33 -0500 Received: from localhost (mail.envs.net [127.0.0.1]) by mail.envs.net (Postfix) with ESMTP id 0523F38A0874; Mon, 6 Mar 2023 08:15:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=envs.net; s=modoboa; t=1678090531; bh=kT+TfSMFYWU8CIAVP5ufBWaNQpDtu7o0YJpMuQ7OcNE=; h=From:To:Cc:Subject:References:Date:In-Reply-To:From; b=HjPorK6+XV7vD3flYTyntLO0Eso41TZdhwmmPRDL7Xzpd5AHTO15q4Z2qj+o77ft4 j3X0OBmlGlnZ7NLn9jPb2ZT1WpSlp8FKf6fSiGvXBZrGsnIXnNRK14Xb7mKVe/5qy7 ApeGNsTKNKfVwH7qN6TKc86bE/PfBCN2XJ29bvWiWrqUIpB5N0OYVKPfZqyvYrm6Q8 lsSr2Je119RWcONUmXDMs2WcQZlbd2TvQEIGl+3nKWDkzgZj0yuvMdRjoKcVpYbbdk KWzxnu39w0owM0NXgEUdEBw6HaoB4P4w/CRNG/dRVC85e3hAUf8OXhDkEwvkmKHlKR 1ojHyVIHeymPBk8JImnnCfn6xty9w6NGUNAyrTEJbU/lEMXsG5sK2yKPWzBLVKg+dB YWJBRLHXCz2pVIY24huYGixEyi11DMlSrQJcLbOLcJt/VeXTC9mEAbCS8IJZGOKMet xzilx0TFImvfdPTFR80kS7bSN/zUn2gfYRPoq0Ai4P3PhfQgIkj63zCR0yfgXgSz/f iqVIHXvWE2WeHlp/CoWflvkWctOCWg6LFFkRiKG3gthAdmUAr2kCbJK7kPnyeNmL3B xB0OZXpv95JfIkekEeCl9JMtP+V0JwpLOGEeypr0aq8fjYhvowYHkAuV0UH3gnJB3n Z8EXBLe/H9J8CTsKxw7SCxTk= X-Virus-Scanned: Debian amavisd-new at mail.envs.net Received: from mail.envs.net ([127.0.0.1]) by localhost (mail.envs.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id yfFVIPvOVtKu; Mon, 6 Mar 2023 08:15:28 +0000 (UTC) Received: from localhost (unknown [182.150.116.135]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.envs.net (Postfix) with ESMTPSA; Mon, 6 Mar 2023 08:15:28 +0000 (UTC) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id 482f34fa; Mon, 6 Mar 2023 08:15:48 +0000 (UTC) From: =?utf-8?B?5a6L5paH5q2m?= To: Felix Lechner Subject: Re: bug#61485: [PATCH] In knot-service, shorten SOA refresh to maximum recommended in RFC 1912. References: <20230213185943.31648-1-felix.lechner@lease-up.com> Date: Mon, 06 Mar 2023 16:15:48 +0800 In-Reply-To: <20230213185943.31648-1-felix.lechner@lease-up.com> (Felix Lechner's message of "Mon, 13 Feb 2023 10:59:43 -0800") Message-ID: <87y1oapa6j.fsf@envs.net> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 61485-done Cc: 61485-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Felix Lechner writes: > The Knot DNS service in Guix uses two days, or 48 hours, for the SOA > refresh interval but that is outside the range of RFC 1912, which is > entitled "Common DNS Operational and Configuration Errors." [1] > [..] Pushed, thank you! From unknown Tue Sep 23 09:53:46 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Mon, 03 Apr 2023 11:24:10 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator