Solved

Lowest DNS TTL value

Posted on 2003-11-26
7
938 Views
Last Modified: 2008-03-06
Dear chicacoan
      As per your advise ,
    1. "You query nameserver1 - it has no record - it looks up and gets the TTL from your zone record. If it's unreasonably small it SHOULD use it, it may not, but it probably will.
In 15 seconds it will be 15 seconds on that server, etc."

     Did you mean, It may be possible to define TTL equal to 15 seconds ? As I mentioned earlier, I tried 30 seconds, and sometimes I had 30 seconds set in my cache. After 30 secs has gone. I retrieved it again, and I showed records in my cache, it was turned into, for example, 86400.
     
    2. You said that the default resolver's cache on my labtop is equal to 86400, then the solution is to edit the registry. I can proceed it, however, what if there are hundred of users need that configuration ?

Best Regards.
0
Comment
Question by:sirator
  • 4
  • 3
7 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9824892
the users don't need the registry change - it was for diagnostic purposes

> Did you mean, It may be possible to define TTL equal to 15 seconds
You could set it to 0

What DNS software are you using?

0
 

Author Comment

by:sirator
ID: 9830779
SunOS ns1 5.9 Generic_112233-03 sun4u sparc SUNW,UltraAX-i2

I think it is BIND.

0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9841175
It's undoubetly BIND.
You can change the default TTL for the zone or that of a particular record.
After doing so you have to reload BIND for the change to take effect.
What exactly are you changing in the zone file and how are you querying?
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Author Comment

by:sirator
ID: 9841671
Let me explain again.

My dns primary server for suppose, domain "mycompany.com" and I configured this server to response to public query and private query.

       -  Assume that if any queries from when there is an activation of VPN across the internet They will be considered to be PRIVATE, then they will resolve "www.mycompany.com" with 10.1.1.1.

       - On the contrary, From PUBLIC, they will find "www.mycompany.com" with 202.1.1.1.
According to this, the reason I wish IS
       *** From the internet client, they can resolve "www.mycompany.com" to 202.1.1.1 ,,,, BUT in case if they applied VPN they will get 10.1.1.1"
       However, whenever they stopped using VPN, they have to be responsive with 202.1.1.1.   BUT thiis scenario wasn't be like this.    Since I observed from my cache with "ipconfig/displaydns" I observed that the TTL was 86400 even I have defined it in my primary with TTL value of 30 seconds.

      For this, I'm afraid that my internet users will also be affected as I encountered currently.

So, How to completely solve this ?


P.S. My client can be from anywhere and employing any Caching Only DNS Server.

Are you clear what I'm describing ??
0
 
LVL 18

Accepted Solution

by:
chicagoan earned 125 total points
ID: 9842152
>Are you clear what I'm describing ??
not to me
you are decribing 2 dns entries, one for 10.1.1.1 and one for 202.1.1.1
somewhere there has to be a non-caching dns server which has the zone records for these hosts

and i understand that if you resolve my.host.com and get a response of 10.1.1.1 it will be cached and if you subsequently disconnect from your VPN  you don't want that in your cache, so what server is resolving the 10.1.1.1 entry and what did you change in it's zone file?


0
 

Author Comment

by:sirator
ID: 9842521
Yes, that's right, After disconnect from VPN, Still , there is a cache of 10.1.1.1 in my notebook ( running "ipconfig/displaydns" and my notebook has win2000 server installed )

So, what's happen if there still be in my local cache is I can't connect to www.mycompany.com since there turned into the public.
One thing I have to do is I have to gain access to 202.1.1.1 not 10.1.1.1 after disconnect from Vpn.

So I modified TTL record of "mycompany.com" from a default 864000 to 30 seconds. Subsequently, I made a test by connecting to 3 ISPs and I observed that the TTL in my cache of hosts of "mycompany.com" domain was not 30 seconds.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9842564
do this:

NSLOOKUP

sever <put the name or address of the authoritative server for 10.1.1.1 here>

set debug

mycompany.com

and port the result

(edit sensitive into out)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port 808 is being blocked 9 96
Looking for open port with Telnet 5 56
2016 Domain Controller and IPv6 3 48
DNS Record - External Public IP (Sonicwall VPN) 9 20
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now