Difference between TTL values in zone files

;$TTL amount of time other DNS servers should keep the local zone information in their remote cache
$TTL    300
;$ORIGIN test.com.
@               IN SOA  test.com. dns-admin.test.org. (
                                        20100726       ; serial
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                        ;               1D )            ; minimum
                                        600 )          ;600 sec

What is the difference between those two TTLs, 300 and 600?
I think the first, $TTL 300, is the amount of time other DNS servers should keep the local zone information in their remote cache.
How about 600?
Asked by rawandnet

svgmuc commented:
According to http://en.wikipedia.org/wiki/Zone_file:

the first TTL is the minimum caching time in case of failed lookups,
and the zone file TTL is the default TTL for all records.

In my words:

The SOA minimum TTL is the shortest time after which a zone file will be refreshed from the master DNS server or the database/file.

Regardless of success or failure, after the default TTL, a record will be refreshed, unless specified differently in the respective record.


Chris Dent (PowerShell Developer) commented:

$TTL is used by any record that does not explicitly define a TTL value of its own.

BIND 9 is supposed to use the Minimum TTL as the negative caching time (BIND 8 uses it as the TTL for all records that do not define their own). MS DNS also uses the Minimum TTL as the TTL for any record which does not explicitly declare a TTL.

See "4 - SOA Minimum Field" in RFC 2308:

http://www.ietf.org/rfc/rfc2308.txt

Chris
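As an added illustration of the two rules described in this answer (example code written for this edit, not code from the thread, from BIND or from MS DNS): a small Python zone-file reader that applies $TTL as the default for records without their own TTL, reports the SOA MINIMUM, and computes the RFC 2308 negative-cache TTL, which section 5 of that RFC defines as the smaller of the SOA MINIMUM and the SOA record's own TTL. The zone text is constructed from the asker's SOA plus a few made-up records (the names and the 192.0.2.x documentation-range addresses are not from the thread); the "legacy" mode models the BIND 8 / MS DNS behaviour mentioned above, where the SOA MINIMUM acts as the default.

```python
"""Read a minimal BIND-style zone file and work out which TTL applies where.

Added example (not code from the thread, BIND, or MS DNS). Two rules from
the discussion are modelled:
  - 'rfc2308' mode (BIND 9): $TTL is the default TTL for every record that
    does not carry its own; the SOA MINIMUM feeds negative caching, and per
    RFC 2308 section 5 the negative-cache TTL is min(SOA MINIMUM, SOA TTL).
  - 'legacy' mode (BIND 8 / MS DNS as described in the answer): the SOA
    MINIMUM is the default TTL for records without their own TTL.
"""
import re

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
TTL_RE = re.compile(r"^(?:\d+[smhdw]?)+$", re.IGNORECASE)
CLASSES = {"IN", "CH", "HS"}

# Constructed zone: the asker's SOA plus a few made-up records.
# 192.0.2.0/24 is the documentation address range.
ZONE_TEXT = """\
$TTL 300
$ORIGIN test.com.
@       IN SOA  test.com. dns-admin.test.org. (
                20100726 ; serial
                3H       ; refresh
                15M      ; retry
                1W       ; expiry
                600 )    ; minimum
@       IN NS   ns1.test.com.
ns1     IN A    192.0.2.1
www     IN A    192.0.2.10
mail    3600 IN A 192.0.2.25
"""


def parse_ttl(text):
    """'300' -> 300, '3H' -> 10800, '1W' -> 604800, '1h30m' -> 5400."""
    if not TTL_RE.match(text):
        raise ValueError(f"not a TTL: {text!r}")
    return sum(int(n) * UNITS[(u or "s").lower()]
               for n, u in re.findall(r"(\d+)([smhdw]?)", text, re.IGNORECASE))


def _logical_lines(text):
    """Drop ';' comments and join '( ... )' continuation lines into one."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            joined = " ".join(buf)
            buf = []
            if joined.strip():
                yield joined          # leading whitespace kept: owner omitted


def _qualify(name, origin):
    """Turn '@' and relative names into fully qualified ones."""
    if name == "@":
        return origin
    if name.endswith(".") or not origin:
        return name
    return f"{name}.{origin}"


def parse_zone(text):
    """Return {'default_ttl': int|None, 'records': [{owner, ttl, type, rdata}]}."""
    origin, default_ttl, owner, records = None, None, None, []
    for line in _logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = parse_ttl(tokens[1])
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0].startswith("$"):
            continue                  # $INCLUDE / $GENERATE not modelled
        if not line[0].isspace():
            owner = tokens.pop(0)     # otherwise reuse the previous owner
        ttl = None
        for _ in range(2):            # class and TTL may appear in either order
            if tokens[0].upper() in CLASSES:
                tokens.pop(0)
            elif TTL_RE.match(tokens[0]):
                ttl = parse_ttl(tokens.pop(0))
        records.append({"owner": _qualify(owner, origin), "ttl": ttl,
                        "type": tokens[0].upper(), "rdata": tokens[1:]})
    return {"default_ttl": default_ttl, "records": records}


def soa_minimum(zone):
    """Return the SOA record and its MINIMUM field (7th rdata item) in seconds."""
    soa = next(r for r in zone["records"] if r["type"] == "SOA")
    return soa, parse_ttl(soa["rdata"][6])


def effective_ttls(zone, mode="rfc2308"):
    """Map (owner, type) -> the TTL a cache will use for that RRset."""
    _, minimum = soa_minimum(zone)
    default = zone["default_ttl"] if mode == "rfc2308" else minimum
    return {(r["owner"], r["type"]): r["ttl"] if r["ttl"] is not None else default
            for r in zone["records"]}


def negative_ttl(zone):
    """RFC 2308 s.5: NXDOMAIN/NODATA answers are cached for min(MINIMUM, SOA TTL)."""
    soa, minimum = soa_minimum(zone)
    return min(minimum, effective_ttls(zone)[(soa["owner"], "SOA")])


if __name__ == "__main__":
    zone = parse_zone(ZONE_TEXT)
    for (owner, rtype), ttl in sorted(effective_ttls(zone).items()):
        print(f"{owner:18} {rtype:5} ttl={ttl}")
    print("SOA MINIMUM       :", soa_minimum(zone)[1])
    print("negative-cache TTL:", negative_ttl(zone))
```

Run against the asker's values this gives 300 for the www A record (inherited from $TTL), 3600 for the mail record that carries its own TTL, and a negative-cache TTL of 300 rather than 600: the SOA record itself inherits the 300-second $TTL, and RFC 2308 takes the smaller of that and the MINIMUM field, so a MINIMUM larger than $TTL never takes effect on a BIND 9 style server.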

rawandnet (author) commented:
The difference between the SOA minimum TTL and the master $TTL at the top of the zone file is still not clear to me. I am pretty sure that the master $TTL is the one that governs the caching of all my DNS records on nameservers across the Internet, but the reason for having the SOA minimum TTL is still not clear to me.

Chris Dent (PowerShell Developer) commented:

Formerly it was used in place of $TTL, and it still is for some DNS server implementations (such as MS DNS).

BIND uses it to control negative caching as described in RFC 2308.

Even if it has no purpose the value would remain, if only for backward compatibility. The presence of the TTL in the SOA record is described in RFC 1035:

http://www.ietf.org/rfc/rfc1035.txt

Notice that it describes the value as the default TTL for all records under section 3.3.13.

You can't get away from the RFCs if you're asking about things like that; it boils down to choices made at design time versus adjustments later.

Chris

rawandnet (author) commented:
From the internet I found the following answer:

The positive caching TTL ($TTL directive) governs the persistence of records that *do* exist in your zone; the negative caching TTL (the value of the last field of the SOA RR) governs the persistence of negative responses, i.e. the persistence of record sets that could but *don't* exist in your zone, so to speak.

> Record that could but *don't* exist in your zone?
How does this happen? Does it mean clients asked for a record that doesn't exist, or that something was wrong in my zone file?

Chris Dent (PowerShell Developer) commented:

The NXDOMAIN response, that's the "doesn't exist" response, is cached.

If I run this:

nslookup doesntexist.xyz.com

My locally configured DNS server will cache the NXDOMAIN response to the request for a time. It's rarely longer than a few minutes, for example, the resolver on Windows XP / Vista / 7 will cache negative responses for 5 minutes.

The mechanism exists to save on unnecessary queries when things don't exist. After all, things that do exist are cached to save on excessive queries; things that don't should be as well.

Chris

rawandnet (author) commented:
> The mechanism exists to save on unnecessary queries when things don't exist
You mean unnecessary queries from the client to my zone file if the record doesn't exist? In other words, NXDOMAIN will be cached on the client machine to stop it sending requests to my zone file for a certain amount of time.

By the way, on the www.zytrax.com web site it is "3h ; minimum"; don't you think that is a long time?

Chris Dent (PowerShell Developer) commented:

NXDOMAIN will be cached on both the client and the requesting server.

If I had this chain:

me   --> My Local DNS Server --> Your DNS Server

Then both "me" and "My Local DNS Server" would cache the NXDOMAIN response. Yours wouldn't, because your server is supplying me with the answer.

It is a long time, but is that a problem? It will only be one if you're expecting a lot of new records within your zone.

You'll find that each DNS server implementation maintains a different maximum value for the negative cache, overriding yours if yours is longer. For instance, BIND defaults to 3 hours, and can be configured to use a different value with max-ncache-ttl (named.conf). MS DNS, like the client resolver, will cache for a maximum of 5 minutes by default.

Chris
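To make the chain above concrete, here is an added Python simulation (written for this edit, not code from the thread, from BIND or from MS DNS) of NXDOMAIN caching at each hop. The authoritative server holds no cache; the local resolver and the client each store the negative answer for the smaller of the zone's negative TTL and their own cap, standing in for BIND's max-ncache-ttl and the 5-minute limit quoted above for MS DNS and the Windows resolver. The names, the 3-hour zone value and the query times are constructed, and a virtual clock replaces real time so the script runs offline.

```python
"""Simulated negative caching along "me -> My Local DNS Server -> Your DNS Server".

Added example, not code from the thread or from any DNS implementation. A fake
authoritative server answers NXDOMAIN for names it does not hold and attaches
the zone's negative TTL. Each caching hop keeps the NXDOMAIN for
min(that TTL, its own cap), which is what BIND's max-ncache-ttl and the
5-minute limit quoted for MS DNS / the Windows resolver do. A virtual clock
(seconds as plain integers) stands in for real time, so nothing sleeps.
"""
from dataclasses import dataclass

NXDOMAIN, NOERROR = "NXDOMAIN", "NOERROR"
MISSING = "doesntexist.test.com."        # constructed name, never in the zone


@dataclass
class Answer:
    rcode: str
    ttl: int        # seconds the receiver may keep this answer


class Authoritative:
    """Serves one zone. It never caches: it is the source of the answers."""

    def __init__(self, names, negative_ttl, positive_ttl=300):
        self.names = set(names)
        self.negative_ttl = negative_ttl   # RFC 2308 value derived from the SOA
        self.positive_ttl = positive_ttl
        self.queries = 0                   # how many queries reached this server

    def query(self, name, now):
        self.queries += 1
        if name in self.names:
            return Answer(NOERROR, self.positive_ttl)
        return Answer(NXDOMAIN, self.negative_ttl)


class CachingHop:
    """A recursive resolver or client stub with a cap on negative entries."""

    def __init__(self, upstream, max_ncache_ttl):
        self.upstream = upstream
        self.max_ncache_ttl = max_ncache_ttl
        self.cache = {}                    # name -> (Answer, expires_at)

    def query(self, name, now):
        cached = self.cache.get(name)
        if cached and now < cached[1]:
            ans, expires = cached
            return Answer(ans.rcode, expires - now)   # remaining TTL
        ans = self.upstream.query(name, now)
        ttl = ans.ttl
        if ans.rcode == NXDOMAIN:
            ttl = min(ttl, self.max_ncache_ttl)       # cap applies to negatives only
        self.cache[name] = (Answer(ans.rcode, ttl), now + ttl)
        return Answer(ans.rcode, ttl)


def run_chain(resolver_cap, client_cap, zone_negative_ttl, query_times):
    """Ask the chain for MISSING at each time in query_times.

    Returns (queries that reached the authoritative server,
             TTL the local resolver stored for the NXDOMAIN)."""
    your_server = Authoritative({"www.test.com."}, zone_negative_ttl)
    local = CachingHop(your_server, resolver_cap)    # "My Local DNS Server"
    me = CachingHop(local, client_cap)               # "me"
    for t in query_times:
        if me.query(MISSING, t).rcode != NXDOMAIN:
            raise RuntimeError("constructed name should never exist")
    return your_server.queries, local.cache[MISSING][0].ttl


if __name__ == "__main__":
    times = [0, 60, 400, 3600, 11000]
    # zone advertises 3h (10800 s) of negative caching, as in the zytrax example
    print("BIND-like resolver (cap 3h), Windows client (cap 5m):",
          run_chain(10800, 300, 10800, times))
    print("MS DNS-like resolver (cap 5m), Windows client (cap 5m):",
          run_chain(300, 300, 10800, times))
```

With a 3-hour zone value and a BIND-like cap, five queries spread over three hours reach the authoritative server twice (once at the start and once after the 3-hour entry expires); with a 5-minute cap on the resolver, the same five queries reach it four times. That is the trade-off between a long minimum and query load described above, and it also shows that a resolver's cap only ever shortens what the zone advertises, never lengthens it.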

rawandnet (author) commented:
thanks
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.