Lowest DNS TTL value

Dear chicagoan,
      As per your advice,
    1. "You query nameserver1 - it has no record - it looks up and gets the TTL from your zone record. If it's unreasonably small it SHOULD use it, it may not, but it probably will.
In 15 seconds it will be 15 seconds on that server, etc."

     Did you mean it may be possible to define a TTL equal to 15 seconds? As I mentioned earlier, I tried 30 seconds, and sometimes I had 30 seconds set in my cache. After the 30 seconds had gone, I retrieved it again, and when I showed the records in my cache, it had turned into, for example, 86400.
     
    2. You said that the default resolver's cache on my laptop is equal to 86400, then the solution is to edit the registry. I can proceed with it; however, what if there are hundreds of users who need that configuration?

Best Regards.
siratorAsked:

chicagoanCommented:
the users don't need the registry change - it was for diagnostic purposes

> Did you mean, It may be possible to define TTL equal to 15 seconds
You could set it to 0

What DNS software are you using?

siratorAuthor Commented:
SunOS ns1 5.9 Generic_112233-03 sun4u sparc SUNW,UltraAX-i2

I think it is BIND.

chicagoanCommented:
It's undoubtedly BIND.
You can change the default TTL for the zone or that of a particular record.
After doing so you have to reload BIND for the change to take effect.
What exactly are you changing in the zone file and how are you querying?
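
Added example (not part of the original thread, and not the poster's zone file): a small Python reader that reports which TTL a BIND-style zone file assigns to each record, separating the zone default ($TTL) from a per-record TTL as described in the comment above. The zone contents, the addresses other than 202.1.1.1, and the function names are constructed for illustration.

```python
import re

# Constructed sample zone (assumption); addresses other than 202.1.1.1 are made up.
SAMPLE_ZONE = """\
$TTL 86400
@   IN SOA ns1.mycompany.com. hostmaster.mycompany.com. (
        2004010101 3600 900 604800 30 ) ; last field = negative-caching TTL (RFC 2308)
    IN NS  ns1.mycompany.com.
ns1 IN A   202.1.1.2
www 30 IN A 202.1.1.1   ; per-record TTL overrides $TTL
ftp IN A   202.1.1.3
"""

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
TTL_RE = re.compile(r"^(\d+[smhdw])*\d+[smhdw]?$", re.I)
CLASSES = {"IN", "CH", "HS"}

def parse_ttl(tok):  # '30', '1h' or '1h30m' -> seconds
    return sum(int(n) * UNITS[(u or "s").lower()]
               for n, u in re.findall(r"(\d+)([smhdw]?)", tok, re.I))

def logical_lines(text):
    """Strip ';' comments and join records continued inside parentheses."""
    buf, depth = "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        depth += line.count("(") - line.count(")")
        buf += line.replace("(", " ").replace(")", " ") + " "
        if depth == 0:
            if buf.strip():
                yield buf
            buf = ""

def effective_ttls(text):
    """Return (owner, type, ttl_seconds, source) for every record in the zone."""
    default, owner, out = None, None, []
    for line in logical_lines(text):
        tok = line.split()
        if tok[0].upper() == "$TTL":
            default = parse_ttl(tok[1])
        elif not tok[0].startswith("$"):
            if not line[0].isspace():   # a blank owner field repeats the previous owner
                owner = tok.pop(0)
            ttl = None
            while tok and (TTL_RE.match(tok[0]) or tok[0].upper() in CLASSES):
                t = tok.pop(0)
                ttl = parse_ttl(t) if TTL_RE.match(t) else ttl
            src = "record" if ttl is not None else "$TTL" if default is not None else "unset"
            out.append((owner, tok[0].upper(), default if ttl is None else ttl, src))
    return out
```

On this sample only the www record is served with 30 seconds; the 30 in the last SOA field leaves ftp at the $TTL default of 86400.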

siratorAuthor Commented:
Let me explain again.

My primary DNS server is for, suppose, the domain "mycompany.com", and I configured this server to respond to public queries and private queries.

       - Assume that any queries made while a VPN is active across the internet are considered PRIVATE; they will then resolve "www.mycompany.com" to 10.1.1.1.

       - On the contrary, from PUBLIC, they will resolve "www.mycompany.com" to 202.1.1.1.
Accordingly, what I want is:
       *** From an internet client, they can resolve "www.mycompany.com" to 202.1.1.1, BUT if they are using the VPN they will get 10.1.1.1.
       However, whenever they stop using the VPN, they have to be answered with 202.1.1.1. BUT this scenario didn't work like this. From my cache, with "ipconfig/displaydns", I observed that the TTL was 86400 even though I have defined it on my primary with a TTL value of 30 seconds.

      Because of this, I'm afraid that my internet users will also be affected, as I am currently.

So, how can I completely solve this?


P.S. My clients can be anywhere and using any caching-only DNS server.

Are you clear what I'm describing ??
chicagoanCommented:
>Are you clear what I'm describing ??
not to me
you are describing 2 dns entries, one for 10.1.1.1 and one for 202.1.1.1
somewhere there has to be a non-caching dns server which has the zone records for these hosts

and i understand that if you resolve my.host.com and get a response of 10.1.1.1 it will be cached and if you subsequently disconnect from your VPN you don't want that in your cache, so what server is resolving the 10.1.1.1 entry and what did you change in its zone file?


siratorAuthor Commented:
Yes, that's right. After disconnecting from the VPN, there is still a cache entry of 10.1.1.1 in my notebook (running "ipconfig/displaydns"; my notebook has Win2000 Server installed).

So, what happens if it is still in my local cache is that I can't connect to www.mycompany.com, since it has turned into the public one.
What I need is to gain access to 202.1.1.1, not 10.1.1.1, after disconnecting from the VPN.

So I modified the TTL of "mycompany.com" from a default of 864000 to 30 seconds. Subsequently, I made a test by connecting to 3 ISPs, and I observed that the TTL in my cache for hosts of the "mycompany.com" domain was not 30 seconds.
chicagoanCommented:
do this:

NSLOOKUP

server <put the name or address of the authoritative server for 10.1.1.1 here>

set debug

mycompany.com

and post the result

(edit sensitive info out)