[Gllug] DNS verification (slightly OT)

James Courtier-Dutton james.dutton at gmail.com
Fri Apr 17 15:09:17 UTC 2009


2009/4/17 Peter Corlett <abuse at cabal.org.uk>:
> On Fri, Apr 17, 2009 at 03:10:13PM +0100, James Courtier-Dutton wrote:
> [...]
>> Note TTL of 2 days. You will have to wait 2 days for the new change to be
>> flooded.
>
> DNS doesn't quite work like that.
>
> Queries using an empty cache will not see cached records, and will
> immediately see updated records. However, some clients don't follow the TTL
> and use their own cache timeouts - up to and including "never expire" - and
> so you'll find that some take rather longer than two days to notice the
> changed records.
>
> In practice, clients usually start going to the right address reasonably
> quickly after broken DNS has been fixed, but with a few annoying stragglers
> still looking in the wrong place over a week later.
>

Ok, the word flood was probably not the best one.
It works on a cache scheme as Peter describes.
A common approach to changing these settings is to first change the
TTL to a smaller value at least TTL seconds before you intend to make
the IP address change. Then make the change. Caches should then update
quicker due to the smaller TTL. Once caches have updated and the new
config is working correctly, one can then move the TTL up to a normal
setting again.
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
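
The procedure in the message above, modelled as an added example that is not part of the original post. It computes how long a TTL-honouring cache can keep serving the old address after the change, including the case where the TTL is lowered too late. The 2-day TTL is from the thread; the 300-second low TTL, the 60-second sampling step and all function names are assumptions. Clients that ignore the TTL, as described in the quoted reply, are not modelled.

```python
"""Model of the lower-TTL-then-change procedure for TTL-honouring caches.
Times are seconds on an arbitrary clock. Values below are constructed."""

OLD_TTL = 2 * 24 * 3600   # 2 days, as quoted in the thread
LOW_TTL = 300             # assumed temporary TTL


def ttl_at(t, old_ttl, low_ttl, lower_at):
    """TTL the authoritative server hands out to a query made at time t."""
    if lower_at is not None and t >= lower_at:
        return low_ttl
    return old_ttl


def worst_case_stale(old_ttl, low_ttl, lower_at, change_at, step=60):
    """Longest time any cache still serves the old address after change_at,
    trying a cache fill every `step` seconds before the change."""
    worst = 0
    # A cache filled earlier than this has already expired by change_at.
    start = change_at - max(old_ttl, low_ttl)
    for filled in range(start, change_at, step):
        expires = filled + ttl_at(filled, old_ttl, low_ttl, lower_at)
        worst = max(worst, expires - change_at)
    return worst


def plan_cutover(old_ttl, low_ttl, lower_at):
    """Timeline: lower the TTL, wait out the old TTL, change the address,
    wait out the low TTL, then restore the normal TTL."""
    change_at = lower_at + old_ttl        # earliest safe change
    caches_updated = change_at + low_ttl  # last honouring cache has expired
    return {"lower_ttl": lower_at, "change_address": change_at,
            "caches_updated": caches_updated, "restore_ttl": caches_updated}


if __name__ == "__main__":
    cases = {
        "TTL never lowered": (None, OLD_TTL),
        "lowered a full old TTL before the change": (0, OLD_TTL),
        "lowered only 1 hour before the change": (0, 3600),
    }
    for name, (lower_at, change_at) in cases.items():
        stale = worst_case_stale(OLD_TTL, LOW_TTL, lower_at, change_at)
        print(f"{name}: old address served up to {stale} s after change")
    print(plan_cutover(OLD_TTL, LOW_TTL, lower_at=0))
```
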



