[Opendnssec-user] TTL clamped to minimum 3600?

Havard Eidnes he at uninett.no
Wed Jan 20 13:55:52 UTC 2016


we have some users who tried to register a TTL for some
particular resource records which is quite a bit lower than 1

However, after the zone has been signed by OpenDNSSEC, the TTL is
set to 1 hour (exactly).  I can't seem to find any information
that such clamping is being enforced in our configuration, and I
can't find a knob in the documentation of the configuration files
where this can be modified.

This took me somewhat by surprise -- is the enforced TTL implicit
on one of the other configured values?  Why?


- Håvard

More information about the Opendnssec-user mailing list