From patchwork Mon Feb 13 18:59:43 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Felix Lechner <felix.lechner@lease-up.com>
X-Patchwork-Id: 46931
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 80C9116734; Mon, 13 Feb 2023 19:01:48 +0000 (GMT)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,
	URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 6B27916738
	for <patchwork@mira.cbaines.net>; Mon, 13 Feb 2023 19:01:45 +0000 (GMT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1pRe4X-0002tY-OF; Mon, 13 Feb 2023 14:01:05 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pRe4V-0002rO-2M
 for guix-patches@gnu.org; Mon, 13 Feb 2023 14:01:03 -0500
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pRe4U-0003Cr-JR
 for guix-patches@gnu.org; Mon, 13 Feb 2023 14:01:02 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pRe4U-0004A3-G0
 for guix-patches@gnu.org; Mon, 13 Feb 2023 14:01:02 -0500
X-Loop: help-debbugs@gnu.org
Subject: [bug#61485] [PATCH] In knot-service,
 shorten SOA refresh to maximum recommended in RFC 1912.
Resent-From: Felix Lechner <felix.lechner@lease-up.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Mon, 13 Feb 2023 19:01:02 +0000
Resent-Message-ID: <handler.61485.B.167631483515884@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 61485
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 61485@debbugs.gnu.org
Cc: Felix Lechner <felix.lechner@lease-up.com>
X-Debbugs-Original-To: guix-patches@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.167631483515884
 (code B ref -1); Mon, 13 Feb 2023 19:01:02 +0000
Received: (at submit) by debbugs.gnu.org; 13 Feb 2023 19:00:35 +0000
Received: from localhost ([127.0.0.1]:51621 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1pRe42-000488-Kx
 for submit@debbugs.gnu.org; Mon, 13 Feb 2023 14:00:35 -0500
Received: from lists.gnu.org ([209.51.188.17]:45274)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <felix.lechner@us-core.com>) id 1pRe3w-00047w-ME
 for submit@debbugs.gnu.org; Mon, 13 Feb 2023 14:00:33 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <felix.lechner@us-core.com>)
 id 1pRe3k-0002dq-Mb
 for guix-patches@gnu.org; Mon, 13 Feb 2023 14:00:16 -0500
Received: from sail-ipv4.us-core.com ([208.82.101.137])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256)
 (Exim 4.90_1) (envelope-from <felix.lechner@us-core.com>)
 id 1pRe3i-00037l-Jn
 for guix-patches@gnu.org; Mon, 13 Feb 2023 14:00:16 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; s=2017; bh=xvdPZoxsds+2KDT
 9DgtzEknV6wZq5MdU4jbZqh+nebw=; h=date:subject:cc:to:from;
 d=lease-up.com; b=jTZeE4uBRCdFigYIMqkM9VAnILChh5rXPTAiiKbIdwu0PCWwSvNc
 c8LhTHZ56Zin8ZyYoRkdpOSE9klzXflnKbHF3Nn86WKgodIOyrU8n+0YGeae7ZAhnWefUe
 +VYguLv12xxCHyf5BCOyfgcxXR69jG2Hd4NsKCIfl1O3aqlLU=
Received: by sail-ipv4.us-core.com (OpenSMTPD) with ESMTPSA id 952586bb
 (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO)
 for <felix.lechner@lease-up.com>;
 Mon, 13 Feb 2023 19:00:06 +0000 (UTC)
Received: from localhost (localhost [local])
 by localhost (OpenSMTPD) with ESMTPA id 60d1f0f2;
 Mon, 13 Feb 2023 19:00:06 +0000 (UTC)
Date: Mon, 13 Feb 2023 10:59:43 -0800
Message-Id: <20230213185943.31648-1-felix.lechner@lease-up.com>
X-Mailer: git-send-email 2.39.1
MIME-Version: 1.0
Received-SPF: pass client-ip=208.82.101.137;
 envelope-from=felix.lechner@us-core.com; helo=sail-ipv4.us-core.com
X-Spam_score_int: -16
X-Spam_score: -1.7
X-Spam_bar: -
X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 UNPARSEABLE_RELAY=0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Reply-to: Felix Lechner <felix.lechner@lease-up.com>
X-ACL-Warn: ,  Felix Lechner via Guix-patches <guix-patches@gnu.org>
X-Patchwork-Original-From: Felix Lechner via Guix-patches via
 <guix-patches@gnu.org>
From: Felix Lechner <felix.lechner@lease-up.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

The Knot DNS service in Guix uses two days, or 48 hours, for the SOA
refresh interval but that is outside the range of RFC 1912, which is
entitled "Common DNS Operational and Configuration Errors." [1]

Section 2.2 of RFC 1912 recommends a maximum of 12 hours for the SOA
refresh rate: "You can keep it short (20 mins to 2 hours) if you
aren't worried about a small increase in bandwidth used, or longer
(2-12 hours) if your Internet connection is slow or is started on
demand."

This commit sets the default refresh interval at the nearest value
recommended by the standard, which is 12 hours.

Due to the widespread adoption of NOTIFY messages between primary and
secondary DNS servers, the SOA refresh interval has arguably lost some
importance, but the Guix default should still be in line with the
standards.

Values outside the recommended range can provoke warning messages from
services commonly used to find bugs in DNS configurations, such as the
MX Toolbox Super Tool. [2]

[1] https://datatracker.ietf.org/doc/rfc1912/
[2] https://mxtoolbox.com/SuperTool.aspx
---
 gnu/services/dns.scm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


base-commit: ee69b60426d4f87ea19e32f757f1e7415ae58879

diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 50753b7ab6..32fb8c0664 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -114,7 +114,7 @@ (define-record-type* <zone-file>
   (serial  zone-file-serial
            (default 1))
   (refresh zone-file-refresh
-           (default (* 2 24 3600)))
+           (default (* 12 3600)))
   (retry   zone-file-retry
            (default (* 15 60)))
   (expiry  zone-file-expiry