DNS cache problem

Barry Margolin barmar at genuity.net
Mon Dec 3 22:00:22 UTC 2001


In article <9ugrtk$90a at pub3.rc.vix.com>, Mike Weller  <weller at zyvex.com> wrote:
>12 hours later (after trying to desperately get a hold of them), 
>they fixed the problem, and set the TTL to 1 hour (this was
>Saturday at about noon).

They changed the MinTTL field in the SOA record to 1 hour, but they didn't
change the default TTL of the zone.  It's set to 1 day, which you would
have seen if you used "dig" instead of "nslookup":

% dig zyvex.com any @dfwns1.airband.net +norec

; <<>> DiG 8.3 <<>> zyvex.com any @dfwns1.airband.net +norec 
; (1 server found)
;; res options: init defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35976
;; flags: qr aa ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;	zyvex.com, type = ANY, class = IN

;; ANSWER SECTION:
zyvex.com.		1D IN A		64.241.222.2
zyvex.com.		1D IN MX	10 mail.zyvex.com.
zyvex.com.		1D IN NS	dfwns1.airband.net.
zyvex.com.		1D IN NS	dfwns2.airband.net.
zyvex.com.		1D IN SOA	dfwns1.airband.net. hostmaster.airband.net. (
					2001120301	; serial
					1H		; refresh
					15M		; retry
					5w6d16h		; expiry
					1H )		; minimum


;; AUTHORITY SECTION:
zyvex.com.		1D IN NS	dfwns1.airband.net.
zyvex.com.		1D IN NS	dfwns2.airband.net.

;; ADDITIONAL SECTION:
dfwns1.airband.net.	1H IN A		206.50.26.195
dfwns2.airband.net.	1H IN A		206.50.26.196

;; Total query time: 51 msec
;; FROM: tools.genuity.com to SERVER: dfwns1.airband.net  206.50.26.195
;; WHEN: Mon Dec  3 16:57:01 2001
;; MSG SIZE  sent: 27  rcvd: 224

>My question to you DNS experts is, if an SOA record is corrupt (and
>thus, can't read the cache time) how long does the nameserver cache
>IPs for?  Is there a way to poll "bind" to determine what the 
>cache times are for any particular IP or domain?

In current versions of BIND, the TTL doesn't come from the SOA record.  The
MinTTL field is now used as the negative cache TTL, not the default TTL of
the zone.  The default TTL is configured using the $TTL directive; you
can't actually see it with query tools like nslookup or dig, but you can
infer it by noticing the TTLs of all the records that they return.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
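
Added example, not part of the original post and not BIND code: a Python sketch that carries out the inference described in the reply, taking dig's answer section and reporting the zone's apparent default TTL alongside the SOA MinTTL. The function names are hypothetical, treating the most common record TTL as the default is a heuristic assumed here, and the negative-cache value follows RFC 2308 (the lower of the SOA record's own TTL and its MINIMUM field).

```python
import re
from collections import Counter

# Constructed sample: the ANSWER SECTION from the dig output quoted in the post.
SAMPLE = """\
zyvex.com.    1D IN A    64.241.222.2
zyvex.com.    1D IN MX   10 mail.zyvex.com.
zyvex.com.    1D IN NS   dfwns1.airband.net.
zyvex.com.    1D IN NS   dfwns2.airband.net.
zyvex.com.    1D IN SOA  dfwns1.airband.net. hostmaster.airband.net. (
                  2001120301  ; serial
                  1H          ; refresh
                  15M         ; retry
                  5w6d16h     ; expiry
                  1H )        ; minimum
"""

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def ttl_seconds(text):
    """Convert a BIND-style TTL ('1D', '5w6d16h', '3600') to seconds."""
    if text.isdigit():
        return int(text)
    parts = re.findall(r"(\d+)([smhdw])", text.lower())
    if not parts or "".join(n + u for n, u in parts) != text.lower():
        raise ValueError(f"bad TTL: {text!r}")
    return sum(int(n) * UNITS[u] for n, u in parts)

def analyse(answer):
    """Return (inferred default TTL, SOA MinTTL, negative-cache TTL) in seconds."""
    # Strip ';' comments and join the parenthesised SOA onto one line.
    flat = re.sub(r";[^\n]*", "", answer)
    flat = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), flat)
    ttls, soa_ttl, soa_min = [], None, None
    for line in flat.splitlines():
        f = line.split()
        if len(f) < 5 or f[2].upper() != "IN":
            continue  # not a resource-record line
        ttl = ttl_seconds(f[1])
        ttls.append(ttl)
        if f[3].upper() == "SOA":
            soa_ttl, soa_min = ttl, ttl_seconds(f[-1])  # last SOA field is MinTTL
    if soa_min is None:
        raise ValueError("no SOA record in input")
    default = Counter(ttls).most_common(1)[0][0]  # heuristic, see lead-in
    # RFC 2308: negative answers are cached for min(SOA TTL, SOA MINIMUM).
    return default, soa_min, min(soa_ttl, soa_min)
```

On the sample this gives a default TTL of one day for existing records and one hour only for negative answers, which is the mismatch the reply points out.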


More information about the bind-users mailing list