TTL is varying across nameservers
bind at eckner.net
Sun Sep 25 06:43:36 UTC 2022
Hi Robert,

On Sun, 25 Sep 2022, Robert M. Stockmann wrote:
>
> There is something strange going on with the TTL
> of my domain across nameservers on the internet.
>
> This is how it's configured on ns1.stokkie.net and ns2.stokkie.net :
>
> $ dig +norecurse +ttlid stokkie.net @84.87.53.162
>
> ; <<>> DiG 9.8.1 <<>> +norecurse +ttlid stokkie.net @84.87.53.162
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54209
> ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 86400 IN A 84.87.53.162
<- snip ->
> Here the nameserver of my ADSL ISP, resolver1.kpn.net :
>
> $ dig +ttlid stokkie.net @194.151.228.18
>
> ; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @194.151.228.18
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47231
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 79291 IN A 84.87.53.162
<- snip ->
> Here the public DNS server of Google :
>
> $ dig +ttlid stokkie.net @8.8.8.8
>
> ; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @8.8.8.8
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29668
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 21599 IN A 84.87.53.162
<- snip ->
> Here's the second time Google :
>
> $ dig +ttlid stokkie.net @8.8.8.8
>
> ; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @8.8.8.8
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3080
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 21600 IN A 84.87.53.162
<- snip ->
>
> Is this proper behavior ?

Yes, it is. The queried DNS servers are caching servers and answer from
the cache. The first time, they get the result from the authoritative
server with a TTL of 86400. When they serve the answer from the cache,
they will reduce the TTL by the number of seconds since they got it from
the authoritative server - i.e. the TTL would be 0 after one day and the
caching server (or any server downstream) *must* get a new record from the
authoritative server.

Though I find it interesting that the TTL of the Google DNS server
*increases* between the queries - are you sure the order is right?

regards,
Erich
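
Added example, not part of the original message or of BIND: a Python sketch that applies the cache countdown described in the reply to the ANSWER lines quoted in the thread, reporting an upper bound on how long each resolver has held the record and flagging a TTL that rises between answers from the same server. The names `parse_rr`, `analyse` and `OBSERVATIONS` are assumptions made for illustration, and the age bound assumes a resolver never stores a TTL larger than the authoritative one.

```python
import re

# Constructed sample: the ANSWER-section lines quoted in the thread, tagged
# with the server that was queried, in the order they were posted.
OBSERVATIONS = [
    ("84.87.53.162",   "stokkie.net. 86400 IN A 84.87.53.162"),  # authoritative
    ("194.151.228.18", "stokkie.net. 79291 IN A 84.87.53.162"),
    ("8.8.8.8",        "stokkie.net. 21599 IN A 84.87.53.162"),
    ("8.8.8.8",        "stokkie.net. 21600 IN A 84.87.53.162"),
]

RR_LINE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(\S+)$")


def parse_rr(line):
    """Split one dig answer line into (owner, ttl, rtype, rdata)."""
    m = RR_LINE.match(line.strip())
    if not m:
        raise ValueError(f"not a resource record line: {line!r}")
    owner, ttl, rtype, rdata = m.groups()
    return owner.lower(), int(ttl), rtype, rdata


def analyse(observations, authoritative):
    """Compare cached TTLs with the authoritative TTL and with earlier answers."""
    auth_ttl = next(parse_rr(l)[1] for s, l in observations if s == authoritative)
    last_seen, report = {}, []
    for server, line in observations:
        if server == authoritative:
            continue
        owner, ttl, rtype, _ = parse_rr(line)
        notes = []
        if ttl > auth_ttl:
            # A cache must count down, never hand out more than it was given.
            notes.append("ttl-above-authoritative")
        prev = last_seen.get((server, owner, rtype))
        if prev is not None and ttl > prev:
            # Countdown went up: the entry was re-fetched or another cache answered.
            notes.append("ttl-increased")
        last_seen[(server, owner, rtype)] = ttl
        # Upper bound only: a resolver that caps TTLs holds a younger entry.
        report.append({"server": server, "ttl": ttl,
                       "max_age": max(auth_ttl - ttl, 0), "notes": notes})
    return report


if __name__ == "__main__":
    for row in analyse(OBSERVATIONS, "84.87.53.162"):
        print(row)
```
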