From: Felix Lechner via Guix-patches
Reply-to: Felix Lechner
To: 61485@debbugs.gnu.org
Cc: Felix Lechner
Subject: [bug#61485] [PATCH] In knot-service, shorten SOA refresh to maximum recommended in RFC 1912.
Date: Mon, 13 Feb 2023 10:59:43 -0800
Message-Id: <20230213185943.31648-1-felix.lechner@lease-up.com>
X-Mailer: git-send-email 2.39.1

The Knot DNS service in Guix uses two days, or 48 hours, for the SOA refresh interval but that is outside the range of RFC 1912, which is entitled "Common DNS Operational and Configuration Errors." [1]

Section 2.2 of RFC 1912 recommends a maximum of 12 hours for the SOA refresh rate: "You can keep it short (20 mins to 2 hours) if you aren't worried about a small increase in bandwidth used, or longer (2-12 hours) if your Internet connection is slow or is started on demand."

This commit sets the default refresh interval at the nearest value recommended by the standard, which is 12 hours.

Due to the widespread adoption of NOTIFY messages between primary and secondary DNS servers, the SOA refresh interval has arguably lost some importance, but the Guix default should still be in line with the standards. Values outside the recommended range can provoke warning messages from services commonly used to find bugs in DNS configurations, such as the MX Toolbox Super Tool. [2]

[1] https://datatracker.ietf.org/doc/rfc1912/
[2] https://mxtoolbox.com/SuperTool.aspx

--- gnu/services/dns.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm index 50753b7ab6..32fb8c0664 100644 --- a/gnu/services/dns.scm +++ b/gnu/services/dns.scm @@ -114,7 +114,7 @@ (define-record-type* (serial zone-file-serial (default 1)) (refresh zone-file-refresh - (default (* 2 24 3600))) + (default (* 12 3600))) (retry zone-file-retry (default (* 15 60))) (expiry zone-file-expiry base-commit: ee69b60426d4f87ea19e32f757f1e7415ae58879 -- 2.39.1
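
Review bot: the `refresh` default in the `@@ -114,7 +114,7 @@` hunk moves from `(* 2 24 3600)` to `(* 12 3600)`, but the diffstat shows only gnu/services/dns.scm touched, so any place that states the old default (the manual entry for this record, if it lists one) would go stale; please update it in the same commit. A short comment beside the new value citing RFC 1912 section 2.2 would record why 12 hours was chosen, since it is the upper bound of the quoted 2-12 hour range and a later reader may otherwise tune it without knowing the constraint. The commit message also lacks a ChangeLog-style line naming the file and the field changed, which Guix commits normally carry.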