DNS behavior question.

John Wobus jw354 at cornell.edu
Tue Sep 30 16:53:21 UTC 2008


On Sep 27, 2008, at 7:19 PM, danjourno wrote:

> I'm no expert when it comes to DNS so forgive me if this seems a
> stupid question.
>
> Yesterday one of my sites had a DNS issue.. I think the servers went
> down. I couldn't get on to the hosting provider where the dns was
> hosted for over an hour so I redirected my domain to backup
> nameservers.. which also pointed to a new host server for my website.
> I left it like this for about 3 hours until the dns issue was resolved
> and then changed the domain to point back to the old nameservers and
> hence the old host server.
>
> Anyway.. what I'm confused about is the behavior.. When I made the
> first change to point to the temporary nameserver and the initial
> nameserver was down the results were more or less instant. Whereas
> now, after I have switched it back I am still getting half of the site
> traffic going to one host server and half to the other almost 24 hours
> later. Is this normal behaviour?

This sounds completely normal.  However, the amount of time that this
situation lasts is under your control if you plan for it.  Every DNS
record includes a TTL (Time To Live) field, indicating the number of
seconds that the record may be stored and reused at other nameservers
throughout the Internet.  1 day (86400 seconds) is a typical setting.

When you set up your temporary nameserver, you could have set your
temporary records' TTL to 5 minutes, and then this transition-back
period would be much shorter.  However, this would force more queries
to come all the way to your nameserver because other nameservers would
not hold on to the records as long.  More load, both for nameservers
and the Internet, though in many cases, not enough to worry about.

When your normal DNS servers stopped answering, the clocks on all
the copies of your records stored throughout the Internet were already
ticking, so by the time you got your temporary nameserver up and
running, few or no records were stored anywhere, and DNS queries went
to your replacement nameserver almost immediately.

Note that non-standard DNS implementations can mess up this picture if
they hold on to records for longer times than the specified TTL, i.e.
they can make such situations persist for their users even if you set
the TTL appropriately low.  That's an example of why you find sticklers
regarding RFC compliance.



More information about the bind-users mailing list
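
The TTL behaviour described in the reply above, as an added example that is not part of the original message: a small simulation of caching resolvers during and after the roughly 3-hour temporary-nameserver window, comparing a 1-day TTL with a 5-minute TTL on the temporary records. The resolver count, query spacing and host names are constructed, and every resolver is assumed to honour the TTL exactly.

```python
WINDOW = 3 * 3600      # temporary nameserver answered for about 3 hours
NORMAL_TTL = 86400     # the 1-day TTL the reply calls typical

class Resolver:
    """One caching resolver holding a single record for the site (constructed model)."""
    def __init__(self, first_query):
        self.first_query = first_query   # first lookup after the old record lapsed
        self.expires = 0                 # time at which the cached record lapses
        self.target = None               # host the cached record points to

    def lookup(self, now, answer, ttl):
        # Reuse the cached record until its TTL runs out, then re-query.
        if now >= self.first_query and now >= self.expires:
            self.target, self.expires = answer, now + ttl
        return self.target

def stale_fraction(temp_ttl, checkpoints, resolvers=180, step=60):
    """Map seconds-after-switch-back to the share of resolvers still using the temporary host."""
    caches = [Resolver(i * WINDOW // resolvers) for i in range(resolvers)]
    result = {}
    for now in range(0, WINDOW + max(checkpoints) + 1, step):
        if now < WINDOW:                 # temporary nameserver is authoritative
            answer, ttl = "temporary-host", temp_ttl
        else:                            # switched back to the old nameserver
            answer, ttl = "old-host", NORMAL_TTL
        hits = [c.lookup(now, answer, ttl) for c in caches]
        if now - WINDOW in checkpoints:
            result[now - WINDOW] = hits.count("temporary-host") / resolvers
    return result

if __name__ == "__main__":
    for label, ttl, marks in (("1-day TTL", 86400, (3600, 81000, 86400)),
                              ("5-minute TTL", 300, (0, 120, 300))):
        for after, share in stale_fraction(ttl, marks).items():
            print(f"{label}: {after:>6}s after switch-back, "
                  f"{share:.0%} of resolvers still on temporary host")
```

With the 1-day TTL about half the resolvers are still pinned to the temporary host 22.5 hours after the switch-back; with the 5-minute TTL none are after 300 seconds.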