$TTL issue?

Borgia Joe A Contr AFRL/IFOS Joe.Borgia at rl.af.mil
Tue Feb 20 15:58:44 UTC 2001


I'm sort of new to managing this environment. (As if you folks couldn't
figure that out).

Where would I look to see if I have a "weird forwarding setup" or to see
if I'm forwarding to "flaky servers"? I just downloaded the most recent
version I could find of named.root last Friday. The date on that was
ala 1997.

Our network guys are telling me that we're not blocking DNS traffic at the
firewall out. These nameservers were both production servers before I
upgraded
them and still are now.They worked fine with the version 4 of BIND. They 
even seemed to work fine with the version 8 of BIND, for a while. Until
things seemed to stop resolving. Everything inside was resolving fine. Some
things outside could resolve. Other things outside would not.

It would seem to me like the problem was "external" to our site. But I'd
like
to make sure I have as many ducks in a row as I can. Like I said, everything
resolved fine on the inside. It was certain domains outside that would not
resolve.

-----Original Message-----
From: Jim Reid [mailto:jim at rfc1035.com]
Sent: Tuesday, February 20, 2001 10:35 AM
To: Borgia Joe A Contr AFRL/IFOS
Cc: 'comp-protocols-dns-bind'
Subject: Re: $TTL issue? 


>>>>> "Joe" == Borgia Joe A Contr AFRL/IFOS <Joe.Borgia at rl.af.mil> writes:

    Joe> That seemed fine to me, since it looks like the SOA minimum
    Joe> is the same as what I would have set the $TTL to anyway.

    Joe> When I got in this morning, I tried a couple of nslookups,
    Joe> and sure enough, these domains would not resolve. Once I
    Joe> restarted named on each, and did my nslookups again, these
    Joe> domains reappeared again.

    Joe> I was wondering if this $TTL line being missing from zone
    Joe> files could be the culprit in this case.

No. The $TTL only affects the TTL values on the resource records in
the zones your server loads. If you're having problems resolving
names, it has some other cause. Maybe there's a weird forwarding setup
or your servers forward to flaky name servers? Maybe your firewall is
blocking DNS traffic? Maybe you restarted old name servers that are
allowed through the firewall? These are just guesses. You didn't give
any information about how DNS works at your site which would allow
someone to pinpoint the problem.


More information about the bind-users mailing list