Re: [bitfolk] IMPORTANT: New DNS resolvers available

Author: Mathew Newton
Date:  
Subject: Re: [bitfolk] IMPORTANT: New DNS resolvers available
latform you probably won't care about this, and even then you still probably don't care unless you've been receiving alerts about them. Turn back now!

Still here? OK.

I've recently implemented DNS secondary domain zone age alerts. They send alerts when the zone on BitFolk's nameservers is too old. This saves me having to read logs and open a support ticket to advise customers that the zone transfers are failing, so I'm all in favour of that.

The definition of "too old" differs on a per-domain basis. There are two values in the SOA record of a DNS domain: refresh and expire. The refresh value tells secondary servers how often to check in with the primary.

The expire value tells secondary servers how long they should consider themselves valid for without successful contact with the primary. If there is no contact with the primary for the expire period then the secondary server stops serving the domain and returns SERVFAIL for every query.

So, based on the above, a DNS domain should never be "older" than refresh. If it is older then that means that at least one refresh attempt failed. If the age approaches expire then the domain is in danger of not being served.

At the moment I have decided to send a warning alert on 150% of refresh and a critical alert on 50% of expire.

RIPE recommends 84600 (one day) for refresh and 3600000 (1000 hours; almost 6 weeks) for expire:

    http://www.ripe.net/ripe/docs/ripe-203

RFC1912 (1996) recommends one day for refresh and 2-4 weeks for expire:

    http://www.faqs.org/rfcs/rfc1912.html

So let's say you go with RIPE's recommendations. You'd receive a warning alert after your secondary DNS setup was broken for 36 hours, and you'd receive a critical alert if it was still broken after 500 hours (almost 3 weeks). 500 hours after that, your domain stops being served on the secondary servers.

That seems reasonable.

Finally getting around to the point of this email: what do you think I should do about problematic SOA values that customers have chosen?

For example, there are some domains currently on BitFolk's servers where the refresh and expire are both set to 300 seconds (5 minutes). Ignoring what happens with alerts for a moment, that means that every 5 minutes the secondary servers check the primary, and if that fails even once, the domain will return SERVFAIL for all queries until contact is made again.

I can't understand what the use is of such a fragile setting; it looks erroneous to me. This isn't just DNS purism saying, "ooh, I don't like your non-standard values!" It will actually cause breakage very easily. But perhaps it is not for me to reason why.

Those domains have been like that for a long time and I assume no one has noticed. It must have caused some problems any time the primary nameserver was unreachable by the secondary servers. But arguably that is not my problem.

When combined with this new alerting though, what happens is that there isn't a refresh for 5 minutes