search

StackExchange / dnscontrol

Infrastructure as code for DNS!
https://dnscontrol.org/
MIT License
3.08k stars 390 forks source link

BUG: TTL mismatch warning too aggressive #2190

Closed tlimoncelli closed 1 year ago

tlimoncelli commented 1 year ago 
2023/02/28 17:49:56 printIR.go:110: WARNING: inconsistent TTLs at "tower.pennocktech.us": A:86400 AAAA:86400 SSHFP:3600
2023/02/28 17:49:56 printIR.go:110: WARNING: inconsistent TTLs at "home.pennock.cloud": ALIAS:14400 TXT:7200

This is bogus: TTLs must be consistent within an RRset, so all A must have the same TTL, and all AAAA must have the same TTL, and all SSHFP must have the same TTL, but those do not need to be the same. You probably want to keep A/AAAA the same for ease of diagnosis, but the cache refresh depends upon "having results for this RR-type". So you can't have 3 A records for the same name with differing TTLs, else once the first expires the cache will just continue serving the others, having no clue that it should refresh. But different RR-types, it's fine.

tlimoncelli commented 1 year ago

CC @philpennock