Friday, August 30, 2013

TTL value in DNS

You have changed the DNS entry of a record in an authoritative DNS server in your domain. The DNS resolution is working fine from your domain. However, when you try to resolve the DNS entry from a different domain where this particular record needs to be resolved recursively, you still get the old value!!

The culprit here is the TTL(Time To Live) value set for the DNS zone. When a caching/recursive server gets the DNS value from the authoritative DNS server, it is cached in the server for the duration specified by the TTL value. If it receives a DNS query before the TTL has expired, it will simply reply back with the cached values rather than querying the authoritative name server once again. This is what happened in the above situation. Though the DNS record was changed, the cache server was providing the response from its cache.  The larger the TTL value, the longer the DNS values are cached. But if you reduce the TTL value, there is a chance of authoritative name server getting overloaded. However, this approach can be used if you are changing the DNS entry of a critical service like Web servers, MX records etc. However it should be planned in way that there should be enough time for the already cached value to be expired in the non recursive servers.