Different TTL Behavior from Microsoft DNS
phn at icke-reklam.ipsec.nu
Tue May 18 20:27:02 UTC 2004
Martin McCormick <martin at dc.cis.okstate.edu> wrote:
> When one queries a BIND DNS, the TTL in the response is
> whatever TTL that particular zone has in it for that particular
> record. Yesterday, I was trouble-shooting some weirdness related to a
> Microsoft DNS which is part of an Active Directory setup. The record
> was an MX record which the MS DNS had received from our master bind
> DNS with a TTL of 600 seconds.
> When I used dig to query the MS box, I got a correct answer
> but the TTL was less than 600 seconds. I queried again and the number
> was even less than before. I then got it through my skull that
> every query to the MS DNS returned a TTL based upon the number of
> seconds left in the MS box's cache of the record.
> I wouldn't exactly call this wrong, but it is sure different
> than what bind does. It would appear that if 100 clients requested
> that record from the MS system, all their TTL timers should time out
> at the same second as the TTL timer on the Microsoft DNS.
> Is this behavior significant other than the fact it is different
> than what I expected to see?
What you see is expected. Your M$-DNS was caching a RR and should, as
a non-authoritative DNS server, reduce the TTL. When the TTL becomes zero
it should throw away the cached data (and get a fresh copy if needed).
Asking an authoritative NS will always give the "original TTL".
> Martin McCormick WB5AGZ Stillwater, OK
> OSU Information Technology Division Network Operations Group
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but I'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
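
The TTL countdown discussed in this thread, as an added example that is not part of the original messages: a small Python model of an authoritative server and a caching resolver driven by a simulated clock. The class names and the `example.test.` MX record are constructed for illustration; only the 600-second TTL comes from the thread.

```python
from dataclasses import dataclass

@dataclass
class Record:
    name: str
    rtype: str
    ttl: int      # seconds; for zone data this is the configured TTL
    data: str

class Authoritative:
    """Holds zone data; always answers with the zone's configured TTL."""
    def __init__(self, records):
        self.zone = {(r.name, r.rtype): r for r in records}
        self.queries = 0

    def query(self, name, rtype, now):
        self.queries += 1
        return self.zone[(name, rtype)]

class CachingResolver:
    """Non-authoritative server: answers from cache with the remaining TTL."""
    def __init__(self, upstream):
        self.upstream = upstream
        self.cache = {}   # (name, rtype) -> (record, absolute expiry time)

    def query(self, name, rtype, now):
        key = (name, rtype)
        hit = self.cache.get(key)
        if hit is None or now >= hit[1]:
            # Cache miss, or the TTL has counted down to zero: refetch.
            rec = self.upstream.query(name, rtype, now)
            self.cache[key] = hit = (rec, now + rec.ttl)
        rec, expires = hit
        return Record(rec.name, rec.rtype, expires - now, rec.data)

def demo():
    # Constructed sample record using the 600 s TTL mentioned in the thread.
    mx = Record("example.test.", "MX", 600, "10 mail.example.test.")
    auth = Authoritative([mx])
    cache = CachingResolver(auth)
    # TTLs seen by repeated queries to the cache at t = 0, 45, 599, 600 s.
    ttls = [cache.query("example.test.", "MX", t).ttl for t in (0, 45, 599, 600)]
    # Clients asking a fresh cache at different times all expire together.
    fresh = CachingResolver(auth)
    expiries = [t + fresh.query("example.test.", "MX", t).ttl for t in (0, 100, 400)]
    return ttls, expiries, auth.query("example.test.", "MX", 500).ttl

if __name__ == "__main__":
    print(demo())
```

Every client's copy expires at the same absolute second as the cache entry itself, so stale data never outlives the TTL the zone owner chose, no matter how late a client asked.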