Different TTL Behavior from Microsoft DNS
Kevin Darcy
kcd at daimlerchrysler.com
Tue May 18 20:30:58 UTC 2004
Martin McCormick wrote:
> When one queries a BIND DNS, the TTL in the response is
>whatever TTL that particular zone has in it for that particular
>record. Yesterday, I was trouble-shooting some weirdness related to a
>Microsoft DNS which is part of an Active Directory setup. The record
>was an MX record which the MS DNS had received from our master bind
>DNS with a TTL of 600 seconds.
>
> When I used dig to query the MS box, I got a correct answer
>but the TTL was less than 600 seconds. I queried again and the number
>was even less than before. I then got it through my skull that
>every query to the MS DNS returned a TTL based upon the number of
>seconds left in the MS box's cache of the record.
>
> I wouldn't exactly call this wrong, but it is sure different
>than what bind does. It would appear that if 100 clients requested
>that record from the MS system, all their TTL timers should time out
>at the same second as the TTL timer on the Microsoft DNS.
>
> Is this behavior significant other than the fact it is different
>than what I expected to see?
>
Martin, non-authoritative servers always count down TTL values. That's
the whole point of TTL: to prevent data from staying past its time. A
non-authoritative BIND server will do the same thing.
- Kevin
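
The countdown described in the reply above, as an added example (not part of the original post, and not BIND or Microsoft DNS code): a toy model with an injected clock in which an authoritative server always returns the zone TTL while a non-authoritative cache returns the seconds left. The class names, the `example.test.` record and the query times are constructed for illustration; the 600-second MX TTL is the one from the thread.

```python
from dataclasses import dataclass

@dataclass
class Record:
    name: str
    rtype: str
    ttl: int    # seconds the answer may still be cached
    data: str

class Authoritative:
    """Holds the zone; every answer carries the TTL configured in the zone."""
    def __init__(self, records):
        self.zone = {(r.name, r.rtype): r for r in records}

    def query(self, name, rtype, now):
        return self.zone.get((name, rtype))

class Cache:
    """Non-authoritative server: stores an absolute expiry, answers with time left."""
    def __init__(self, upstream):
        self.upstream = upstream
        self.store = {}  # (name, rtype) -> (data, expires_at)

    def query(self, name, rtype, now):
        key = (name, rtype)
        hit = self.store.get(key)
        if hit is None or hit[1] <= now:  # miss or expired: refetch upstream
            rec = self.upstream.query(name, rtype, now)
            if rec is None:
                self.store.pop(key, None)
                return None
            hit = (rec.data, now + rec.ttl)
            self.store[key] = hit
        return Record(name, rtype, hit[1] - now, hit[0])

def demo():
    """Clients ask the caching server at different times (constructed sample)."""
    master = Authoritative([Record("example.test.", "MX", 600, "10 mail.example.test.")])
    mid = Cache(master)  # plays the role of the caching server in the thread
    seen = []
    for t in (0, 45, 130, 599):
        client = Cache(mid)  # each client caches for the TTL it was handed
        ans = client.query("example.test.", "MX", t)
        seen.append((t, ans.ttl, t + ans.ttl))  # (asked at, TTL seen, expires at)
    return seen

if __name__ == "__main__":
    for asked, ttl, expires in demo():
        print(f"t={asked:3d}s  ttl={ttl:3d}s  expires at t={expires}s")
```

Every client's copy expires at the same absolute second as the cache's own copy, so no downstream resolver holds the record longer than the 600 seconds the zone allows.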