Apart from the negative cache value, none of the numbers in a SOA record matter at all unless you're doing very old-school secondary DNS setups with AXFR/IXFR, usually with Bind or maybe NSD. That's rare these days, and not very secure. You really shouldn't use that.
A TTL of 30 minutes is a terrible idea if you're using DNS for failover with health checks, or load balancing, and a negative cache value of 30 minutes also seems unnecessarily long. That's a long time to have people impacted by a mistakenly deleted record.
The CD bit being set or not doesn't matter if you're not using DNSSEC. Though it's probably worth getting the bit correct.
kind of an aside, but i've always been curious about how different DNS server implementations handle TTL outliers, especially given the discrepancies between recommended values and real-world configurations. particularly re D103900 in TFA about the SOA TTL recommendation, does anyone here have insights on dealing with the rate of stale records in caches due to exceptionally high TTL values? additionally, has there been any analysis on the impact of DNSSEC chain of trust integrity with long-standing SOA EXPIRE values, like the mentioned "ma" TLD's 19 years?
Here's a nitpick for y'all to downvote: "Top" and "most" don't belong in the same title. It's just the "ten most frequent DNS test failures." "Top" is redundant.
Apart from the negative cache value, none of the numbers in a SOA record matter at all unless you're doing very old-school secondary DNS setups with AXFR/IXFR, usually with Bind or maybe NSD. That's rare these days, and not very secure. You really shouldn't use that.
A TTL of 30 minutes is a terrible idea if you're using DNS for failover with health checks, or load balancing, and a negative cache value of 30 minutes also seems unnecessarily long. That's a long time to have people impacted by a mistakenly deleted record.
The CD bit being set or not doesn't matter if you're not using DNSSEC. Though it's probably worth getting the bit correct.