Bug ID 655233: DNS Express using wrong TTL for SOA RRSIG record in NoData response

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP DNS, LTM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:, 13.1.0,

Opened: Apr 04, 2017

Severity: 3-Major

Related Article: K93338593


DNS Express returns an incorrect TTL for the SOA RRSIG record in a NoData response.


This brings the behavior in line with RFC2308. There is no known functional impact.


-- DNS Express configured. -- A query that results in a NoData response and DNSSEC signing requested.


There is no workaround.

Fix Information

The TTL of the RRSIG record now matches the TTL of the covered SOA record.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips