Caching vs. Replication in DNS

Barry Margolin barmar at alum.mit.edu
Tue Mar 30 03:59:36 UTC 2004


In article <c49ri6$729$1 at sf1.isc.org>,
 Andersen <alibandali at hotmail.com> wrote:

> Hi,
> 
> I don't really understand the relationship between caching and 
> replication in DNS. Isn't replication used very little, you only have a 
> master and slave server typically for each zone?  And the root servers 
> are 16 replicas?

Correct.  Also, heavily used TLDs and corporate domains (e.g. aol.com, 
microsoft.com) make use of lots of slaves.

> What I really want to understand is where caching is being used. It is 
> said that it takes time before updates are propagated due to caching, 
> where does this apply? If I just want to change the IP address of an 
> existing hostname, shouldn't an update to the corresponding nameserver 
> immediately make the change visible around the globe. Or how long would 
> it take?

Caching is done in caching servers, e.g. the servers that your ISP 
directs you to use for lookups, and in some cases in the resolvers local 
to the client machines.  The reason it takes time for changes to 
propagate is because every DNS record is tagged with a Time To Live 
(TTL) value.  This tells caching servers how long they are allowed to 
hold on to that record before they must check again with one of the 
authoritative servers for the domain.  If the TTL is 1 day (a pretty 
common setting), and someone's server cached the record 1 minute before 
you changed it, it will take 23 hours 59 minutes before that server will 
notice the change (actually, it could take a bit longer, because it 
might have been cached from one of the slave servers, and replication 
takes time).

> 
> What if I want to insert another level, for instance I have d.c.b.a 
> running, I want to create e.d.c.b.a? That would be reflected immediately 
> right?

DNS makes use of "negative caching", i.e. a server remembers names that 
it tried to look up but they didn't exist.  So if someone tries to look 
up a.d.c.b.a right before you add it, their server will cache the fact 
that the name doesn't exist.  The MinTTL field in the SOA record 
specifies the maximum time this negative information may be cached for 
names in the zone, but many servers have a ceiling, which I think is 15 
minutes.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
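A small simulated caching resolver that reproduces the two effects Barry describes (a record change hidden until the positive TTL runs out, and a newly added name hidden by negative caching). This is an added illustration, not code from the post or from BIND; the zone names, addresses, TTLs, the fixed 15-minute negative-cache ceiling and the integer clock are all constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Assumed server-side cap on negative caching; the post cites 15 minutes as typical.
NEGATIVE_CEILING = 15 * 60

@dataclass
class Zone:
    soa_minimum: int  # SOA MINIMUM: upper bound on how long "no such name" may be cached
    records: Dict[str, Tuple[str, int]] = field(default_factory=dict)  # name -> (value, ttl)

@dataclass
class CacheEntry:
    value: Optional[str]  # None records a negative answer (name does not exist)
    expires_at: int       # absolute time after which the entry must be re-queried

class CachingResolver:
    """Stands in for an ISP recursive server: answers from cache until the TTL expires."""
    def __init__(self, zone: Zone):
        self.zone = zone
        self.cache: Dict[str, CacheEntry] = {}

    def lookup(self, name: str, now: int) -> Optional[str]:
        entry = self.cache.get(name)
        if entry is not None and now < entry.expires_at:
            return entry.value  # served from cache, even if the authoritative data changed
        if name in self.zone.records:
            value, ttl = self.zone.records[name]
            self.cache[name] = CacheEntry(value, now + ttl)
            return value
        # Negative caching: remember the miss for min(SOA minimum, server ceiling).
        self.cache[name] = CacheEntry(None, now + min(self.zone.soa_minimum, NEGATIVE_CEILING))
        return None

def demo() -> Tuple[Optional[str], Optional[str], Optional[str], Optional[str]]:
    # Constructed zone: one-day TTL on the record and a one-day SOA minimum.
    zone = Zone(soa_minimum=86400, records={"www.example.test": ("192.0.2.1", 86400)})
    r = CachingResolver(zone)
    r.lookup("www.example.test", now=0)                       # cached one minute before the change
    zone.records["www.example.test"] = ("192.0.2.2", 86400)   # admin changes the address at t=60
    stale = r.lookup("www.example.test", now=60)              # old address still served
    fresh = r.lookup("www.example.test", now=86400)           # TTL expired: new address fetched
    r.lookup("new.example.test", now=0)                       # miss cached (negative caching)
    zone.records["new.example.test"] = ("192.0.2.3", 3600)    # name added just after the miss
    hidden = r.lookup("new.example.test", now=10 * 60)        # still "does not exist"
    visible = r.lookup("new.example.test", now=15 * 60)       # ceiling reached: now resolvable
    return stale, fresh, hidden, visible
```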

