Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Lowest DNS TTL value

Posted on 2003-11-23
10
Medium Priority
?
6,389 Views
Last Modified: 2012-05-04
Dear Experts.

     I would like to know the minimum number of TTL of dns. Can I define it lower than 30 seconds.
What's the exact lowest number of TTL ?
Rgds.
0
Comment
Question by:sirator
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 9808240
Zero is the lowest
0
 
LVL 5

Expert Comment

by:jeffkearns
ID: 9808255
I just did one last week at 1 second - it worked like a champ. I don't know this for fact, but I imagine that if you set it for 0 seconds, you are telling other DNS servers to not cache the information.

Jeff
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 9808276
Whie zero is possible, it is not practical except in very specific circumstances.
Background on minimum ttl values.
http://www.ripe.net/ripe/mail-archives/dns-wg/1998/msg00075.html
http://rfc.sunsite.dk/rfc/rfc1537.html

"For example, SOA records are always distributed
                with a zero TTL to prohibit caching.  Zero values can
                also be used for extremely volatile data."
http://rfc.sunsite.dk/rfc/rfc1035.html
0
Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

 
LVL 18

Expert Comment

by:chicagoan
ID: 9808721
Some older BIND nameservers enforce a minimum TTL on received DNS information, even if the TTL is zero, and client dns resolvers won't respond that fast if something's in their cache. It's considered bad form for public DNS and most commercial DNS providers will be hard pressed to set it under an hour. In-house if you are hitting the authoritative server anyway, doesn't make much difference.
0
 

Author Comment

by:sirator
ID: 9822315
Dear Sirs,

    After I tried and I always obtained unstable TTL. Let me explain, suppose I obtained A record ( www.abc.com ) to my labtop as I showed it with "ipconfig/displaydns" At first it is 30 seconds as defined in the zone database as indicated following.

=========================================
$TTL 30
@       IN      SOA     ns.abc.com.  postmaster.abc.com. (
                        2003102401 ; serial
                        28800 ; refresh
                        7200 ; retry
                        604800 ; expire
                        30 ; ttl
                        )

@      IN      NS      ns.abc.com.
 
www              IN      A       203.144.23.2
=========================================

subsequently, after the time was used up, and I received another A record, but it turned into 86400 for www.abc.com.

Thus, I changed my name server to other dns servers, the similar result happened. Sometimes the TTL was not 86400 or 30 seconds, sorry I can't recognize it.

What's wrong with my configuration or zone format ?
Please advise.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9822473
The local DNS resolver defaults to 86400 on a hit and 900 on a miss:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
Value name: MaxCacheTtl
Data type: REG_DWORD
Default value: 86400 seconds
Value name: MaxNegativeCacheTtl
Data type: REG_DWORD
Default: 900 seconds (300 for XP I think)

Obtained a zone record?
Are you authoritative for www.abc.com?
If your server is authoritative for a domain and you make a change to the TTL for from 86400 to 30 seconds in that domain's zone record and reload BIND:
You query nameserver1 - it has no record - it looks up and gets the TTL from your zone record. If it's unreasonably small it SHOULD use it, it may not, but it probably will.
In 15 seconds it will be 15 seconds on that server, etc.

Meanwhile you query nameserverB - it resolved your domain 43200 seconds ago so it's TTL is 43200. Since it is not authoritative it looks up records for you domain and caches them until the TTL expires. It has no way of knowing you changed the TTL.

Now you query nameserverIII - it resolved your domain 86000 seconds ago. TTL? 400

What exactly are you trying to do?







0
 

Author Comment

by:sirator
ID: 9822529
The reason I defined $TTL 30 in the zone database due to the frequently change in IP address,

Let me explain again.
- Suppose, the "abc.com" is under my control. I can manage this domain name. thus I modified TTL as the above to 30 seconds.

Later, I tried each to dial to 3 local ISP and I will then be provided the name server IP from ISPs, right ?

- Assume that I ping to www.abc.com and I obtained the ip address "203.144.23.2" after resolving name with the name server of each ISPs.

- Suddenly I command "ipconfig/displaydns" to view the "www.abc.com" record. In fact it should be 30 seconds as defined in the Zone database. It did like that at the first time. So I waited until 30 seconds gone, then I ping it again to cache in my labtop, but it was not that number. It fluctuated to be other number such as 86400, etc ?

This is what I'm doing.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9822666
You're looking at your resolver's cache, not the DNS server.
change the default value in the registry entry below to 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
Value name: MaxCacheTtl
Data type: REG_DWORD
Default value: 86400 seconds
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9822668
BTW you already closed this question
Please open a new question
0
 

Author Comment

by:sirator
ID: 9824124
Dear chicagoan, I will open a new question. And Thanks for your support.
Can you continue to clarify me a bit about DNS anyway I will post in the question.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Make the most of your online learning experience.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question