Moving DNS out of non-cooperative provider
Barry Margolin
barmar at alum.mit.edu
Tue Jun 19 03:18:04 UTC 2012
In article <mailman.1066.1340036045.63724.bind-users at lists.isc.org>,
Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> On 18/06/12 16:49, Alexander Gurvitz wrote:
>
> > with each query gets new NS record, and... refreshes the NS TTL ?
>
> No, that's not how TTLs work. They always count down.

Didn't this used to be a problem? When the caching server queries the
cached nameservers, the response would include the old NS records in the
Authority section. The caching server would then replace the cached NS
records with these records, resetting the TTL to its full time. As long
as it continued performing queries against the old servers before the NS
records timed out, the TTLs would keep getting reset, and never expire.

I remember many people having trouble trying to get everyone to follow
their delegation changes when they changed DNS providers, and it was
because the old provider didn't remove the zone from their servers.

Are recent versions of BIND better about this? What about other caching
DNS implementations?
--
Barry Margolin
Arlington, MA
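
Added example, not part of the original post and not BIND code: a toy Python model of the behaviour described above, comparing a cache that resets the NS TTL from the Authority section of the old servers' answers with one whose TTL only counts down. The server names, TTL and query interval are constructed values, and `simulate` is a hypothetical helper.

```python
# Toy model of one cached delegation (constructed; not any resolver's real code).
from dataclasses import dataclass

NS_TTL = 3600  # constructed TTL on the NS RRset, in seconds
OLD_NS = ("ns1.oldprovider.example.", "ns2.oldprovider.example.")  # constructed


@dataclass
class CachedNS:
    servers: tuple
    expires_at: int  # absolute time at which the cached RRset times out


def simulate(refresh_from_authority, query_interval=600, duration=4 * NS_TTL):
    """Return the time the cached old NS set expires, or None if it is
    still cached when the run ends (the delegation change is never seen)."""
    cache = CachedNS(OLD_NS, expires_at=NS_TTL)  # learned from the parent at t=0
    for now in range(query_interval, duration + 1, query_interval):
        if now >= cache.expires_at:
            # Entry timed out: the resolver has to re-ask the parent zone,
            # which now points at the new provider.
            return cache.expires_at
        # The old provider never removed the zone, so its answer still
        # carries the old NS set in the Authority section.
        authority_ns = OLD_NS
        if refresh_from_authority and authority_ns == cache.servers:
            # Behaviour described in the post: the cached RRset is replaced
            # and its TTL starts again from the full value.
            cache.expires_at = now + NS_TTL
        # Otherwise the TTL only counts down and nothing is extended.
    return None


if __name__ == "__main__":
    print("count-down only      :", simulate(False))
    print("reset from authority :", simulate(True))
    print("reset, sparse queries:", simulate(True, query_interval=2 * NS_TTL))
```

The third case shows the condition stated in the post: the reset only keeps the old delegation alive while queries reach the old servers before the NS records time out.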