[Freeipa-devel] [PATCH 0152] Replace TTL values > 2^31-1 with 0.
tbabej at redhat.com
Fri May 3 13:04:26 UTC 2013
On 05/03/2013 02:55 PM, Petr Spacek wrote:
> On 3.5.2013 14:35, Tomas Babej wrote:
>> On 04/30/2013 03:45 PM, Petr Spacek wrote:
>>> Replace TTL values > 2^31-1 with 0.
>>> The rule comes from RFC 2181 section 8.
>> ACK, works fine.
>> Just one question though, the patch as it is leaves the invalid TTL value in
>> the tree, even though it is never interpreted as one (thanks to this patch).
>> $ ipa dnsrecord-show ipa.example.com skuska --all
>> Record name: skuska
>> Time to live: 2147483648
>> A record: 192.168.0.1
>> objectclass: top, idnsrecord
>> from /var/log/messages:
>> named: entry
>> entry TTL 2147483648 > MAXTTL, setting TTL to 0
>> Wouldn't that be confusing to the user? Shouldn't we fix the TTL value set in
>> the entry as well?
> It is exactly what "original" BIND does. I would like to imitate the
> same behaviour if you are not against it strongly.
> I think that:
> 1) Somebody could use bind-dyndb-ldap with read-only access to LDAP.
> 2) It will unnecessarily complicate the code.
I'm not strongly against it, just opening a discussion.
I agree that this is probably the path of least surprise if it
imitates BIND behaviour.
Read-only access is a reasonable argument as well.
Have my confirmed ACK then, thanks for the clarification.
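
The behaviour agreed on in this thread (a TTL above 2^31-1 is used as 0 and logged, while the stored value is left untouched), shown as an added example that is not part of the original message or of the patch under review. The helper name `ttl_from_text`, the sample strings and the rejection of non-numeric text are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAXTTL 0x7fffffffULL /* 2^31-1, the limit from RFC 2181 section 8 */

/* Hypothetical helper: interpret the TTL text read from a directory entry.
 * Returns 0 when the text is a decimal number, -1 otherwise (assumption).
 * *clamped is set to 1 when the number exceeded MAXTTL and 0 is used
 * instead. The caller's text is only read, so the entry stays unchanged. */
int ttl_from_text(const char *text, uint32_t *ttl, int *clamped)
{
    char *end = NULL;
    unsigned long long v;

    *ttl = 0;
    *clamped = 0;
    /* strtoull() accepts whitespace, '+' and '-'; insist on a leading digit */
    if (text == NULL || text[0] < '0' || text[0] > '9')
        return -1;
    v = strtoull(text, &end, 10); /* saturates at ULLONG_MAX on overflow */
    if (*end != '\0')
        return -1;                /* trailing junk such as "12h" */
    if (v > MAXTTL) {
        *clamped = 1;             /* too large: TTL is treated as 0 */
        return 0;
    }
    *ttl = (uint32_t)v;
    return 0;
}

int main(void)
{
    /* Constructed samples; 2147483648 is the value shown in the thread. */
    const char *samples[] = { "86400", "2147483647", "2147483648",
                              "99999999999999999999999", "-1", "12h" };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint32_t ttl;
        int clamped;

        if (ttl_from_text(samples[i], &ttl, &clamped) != 0)
            printf("%s: not a valid TTL\n", samples[i]);
        else if (clamped)
            printf("entry TTL %s > MAXTTL, setting TTL to 0\n", samples[i]);
        else
            printf("%s: TTL %u\n", samples[i], (unsigned)ttl);
    }
    return 0;
}
```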