TTL

  • Thread starter Thread starter J
  • Start date Start date
J

J

At some point someone in the office updated the TTL on a
couple of our domains to 21900 days (yeah about 60 Years).
Now our IP's have chnaged and I really need to force
outside DNS's to update to our new numbers. Is there
somewheere I can submit to force DNS's to update
themselves or is this Domain destined to be a deadlink for
another 59 years?
 
In
J said:
At some point someone in the office updated the TTL on a
couple of our domains to 21900 days (yeah about 60 Years).
Now our IP's have chnaged and I really need to force
outside DNS's to update to our new numbers. Is there
somewheere I can submit to force DNS's to update
themselves or is this Domain destined to be a deadlink for
another 59 years?
Click to expand...

Lower them to 15 minutes. Then you need to wait for that to propogate. Wait
a week or two, then push them up to one day.

*But* it's unfortunate that it was set to 60 days. If a DNS server has that
cached somewhere and which never gets restarted to clear it's cache (like
some Unix BIND servers just run and run), or until it gets updated, then
those folks who use that server (like possibly a whole ISP) will never be
able to get to it.

I think 60 years is a bit far fetched and way out of bounds and I would ask
the admin who set that what he was thinking when he did it.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
That admin is gone. This is what I'm left with.

Is there no way to force an update to the www domain?
 
In
J said:
That admin is gone. This is what I'm left with.

Is there no way to force an update to the www domain?
Click to expand...

I feel for ya.

Not really other than lowering the TTL on the zone and hoping for the best.
Maybe someone else can chime in with their thoughts, but from what I can
see, it's unfortunate.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
In Ace Fekay [MVP] <PleaseSubstituteMyFirstName&[email protected]>
posted their concerrns,
Then Kevin D4Dad added his reply at the bottom.
In

I feel for ya.

Not really other than lowering the TTL on the zone and hoping for the
best. Maybe someone else can chime in with their thoughts, but from
what I can see, it's unfortunate.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
Click to expand...

I guess this is pretty serious if we are talking MX or mail records 60 years
is an awful long TTL. It would be almost impossible to know every place it
is cached. That is the real problem is knowing where all they could be
cached.

Fortunatly the is a tool at www.dnsstuff.com that may be helpful it checks
the DNS cache of several major ISPs I would start there just to see. But you
can almost bet that it could very well be a problem for a long time any
place it is cached.
 
J> At some point someone in the office updated the TTL on a
J> couple of our domains to 21900 days (yeah about 60 Years).
J> Now our IP's have chnaged and I really need to force
J> outside DNS's to update to our new numbers.

There is - quite simply - no way to force this.

Luckily, no reasonably designed caching proxy DNS server will cache a resource
record set for 60 years. Reasonably designed caching proxy DNS server
softwares place caps on TTLs. Both Dan Bernstein's "dnscache" and ISC's BIND
place an upper bound of one week on TTLs. Microsoft's DNS server places an
upper bound of one _day_ on TTLs.
 
In Jonathan de Boyne Pollard <[email protected]>
posted their concerrns,
Then Kevin D4Dad added his reply at the bottom.
J> At some point someone in the office updated the TTL on a
J> couple of our domains to 21900 days (yeah about 60 Years).
J> Now our IP's have chnaged and I really need to force
J> outside DNS's to update to our new numbers.

There is - quite simply - no way to force this.

Luckily, no reasonably designed caching proxy DNS server will cache a
resource record set for 60 years. Reasonably designed caching proxy
DNS server softwares place caps on TTLs. Both Dan Bernstein's
"dnscache" and ISC's BIND place an upper bound of one week on TTLs.
Microsoft's DNS server places an upper bound of one _day_ on TTLs.
Click to expand...

Hmmm, thanks for the info Jonathan, I didn't know that, at least we know
that he is not stuck for 60 years ROFLOL
 
JdeBP> Luckily, no reasonably designed caching proxy DNS server will
JdeBP> cache a resource record set for 60 years. Reasonably designed
JdeBP> caching proxy DNS server softwares place caps on TTLs. Both
JdeBP> Dan Bernstein's "dnscache" and ISC's BIND place an upper bound
JdeBP> of one week on TTLs. Microsoft's DNS server places an upper
JdeBP> bound of one _day_ on TTLs.

AF> So Jonathan, you're saying that even though it's set to 60 years,
AF> MS DNS only recognizes 1 day and won't cache that record any
AF> longer and likewise with BIND's one week limit?

Is this the point where I am supposed to say "Your read-back is correct, Mr
Ryback." ?

Two caveats:

1. This interval is configurable with both ISC's BIND and Microsoft's DNS
server, although it is not in Dan Bernstein's "dnscache". (With ISC's BIND,
it is configurable via the "max-cache-ttl" option in "named.conf". With
Microsoft's DNS server, it is configurable via the "MaxCacheTTL" key in the
registry.) If someone has actually bothered to alter the configuration,
different results will occur. However, it is reasonable to suppose that
someone who has _explicitly_ configured their server to accept TTLs of 60
years will have realized the consequences of doing so, and only has themselves
to blame.

2. Microsoft's KnowledgeBase describes the information about "MaxCacheTTL" as
applying to Windows NT Server version 4. There is no explicit documentation,
of this and several other features, for any later versions of Microsoft's DNS
server. However, the implication of other documentation is that this setting
indeed exists, unchanged, in all later versions of Microsoft's DNS server as
well.
 
In
Jonathan de Boyne Pollard said:
JdeBP> Luckily, no reasonably designed caching proxy DNS server will
JdeBP> cache a resource record set for 60 years. Reasonably designed
JdeBP> caching proxy DNS server softwares place caps on TTLs. Both
JdeBP> Dan Bernstein's "dnscache" and ISC's BIND place an upper bound
JdeBP> of one week on TTLs. Microsoft's DNS server places an upper
JdeBP> bound of one _day_ on TTLs.


Is this the point where I am supposed to say "Your read-back is
correct, Mr Ryback." ?
Click to expand...

Well, I'm just a cook...
Two caveats:

1. This interval is configurable with both ISC's BIND and
Microsoft's DNS server, although it is not in Dan Bernstein's
"dnscache". (With ISC's BIND, it is configurable via the
"max-cache-ttl" option in "named.conf". With Microsoft's DNS server,
it is configurable via the "MaxCacheTTL" key in the registry.) If
someone has actually bothered to alter the configuration, different
results will occur. However, it is reasonable to suppose that
someone who has _explicitly_ configured their server to accept TTLs
of 60 years will have realized the consequences of doing so, and only
has themselves to blame.

2. Microsoft's KnowledgeBase describes the information about
"MaxCacheTTL" as applying to Windows NT Server version 4. There is
no explicit documentation, of this and several other features, for
any later versions of Microsoft's DNS server. However, the
implication of other documentation is that this setting indeed
exists, unchanged, in all later versions of Microsoft's DNS server as
well.
Click to expand...

I see. Thanks for the explanation. I wasn't aware of that value, but upon
further digging, this link shows and describes that setting (among others)
for NT4, which as you say, and in agreement with, that the reg entries also
apply to W2k and assume W2k3 also:

198408 - Microsoft DNS Server Registry Parameters, Part 1 of 3:
http://support.microsoft.com/?id=198408

Thanks Jonathan.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
In
Jonathan de Boyne Pollard said:
JdeBP> Is this the point where I am supposed to say "Your
JdeBP> read-back is correct, Mr Ryback." ?
Well, I'm just a cook...
Click to expand...

JdeBP> "You're not a cook."
We'll, part time! [...]
Click to expand...

The line that I was prompting for was "Yeah, well ... I also cook.".
(-:
Click to expand...

I coudn't remember his reply. Been awhile since I saw it.

That's why I was a bit non-sequitor about it ...

:-)

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
In Ace Fekay [MVP] <PleaseSubstituteMyFirstName&[email protected]>
posted their concerns,
Then Kevin D4Dad added his reply at the bottom.
In
Jonathan de Boyne Pollard said:
JdeBP> Is this the point where I am supposed to say "Your
JdeBP> read-back is correct, Mr Ryback." ?
Well, I'm just a cook...
Click to expand...

JdeBP> "You're not a cook."
We'll, part time! [...]
Click to expand...

The line that I was prompting for was "Yeah, well ... I also cook.".
(-:
Click to expand...

I coudn't remember his reply. Been awhile since I saw it.

That's why I was a bit non-sequitor about it ...

:-)

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
Click to expand...

Hmmm, it was on Starz last night, imagine that
 
In
Kevin D. Goodknecht Sr. said:
In Ace Fekay [MVP] <PleaseSubstituteMyFirstName&[email protected]>
posted their concerns,
Then Kevin D4Dad added his reply at the bottom.
In
Jonathan de Boyne Pollard said:
JdeBP> Is this the point where I am supposed to say "Your
JdeBP> read-back is correct, Mr Ryback." ?

Well, I'm just a cook...

JdeBP> "You're not a cook."

We'll, part time! [...]

The line that I was prompting for was "Yeah, well ... I also cook.".
(-:
Click to expand...

I coudn't remember his reply. Been awhile since I saw it.

That's why I was a bit non-sequitor about it ...

:-)

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
Click to expand...

Hmmm, it was on Starz last night, imagine that
Click to expand...

Darn, I missed it!


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Back
Top