Hi Robert,

On Sun, 25 Sep 2022, Robert M. Stockmann wrote:
> There is something strange going on with the TTL of my domain across
> nameservers on the internet. This is how it's configured on
> ns1.stokkie.net and ns2.stokkie.net :
>
> $ dig +norecurse +ttlid stokkie.net @84.87.53.162
>
> ; <<>> DiG 9.8.1 <<>> +norecurse +ttlid stokkie.net @84.87.53.162
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54209
> ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 86400 IN A 84.87.53.162
>
> <- snip ->
>
> Here the nameserver of my ADSL ISP, resolver1.kpn.net :
>
> $ dig +ttlid stokkie.net @194.151.228.18
>
> ; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @194.151.228.18
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47231
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 79291 IN A 84.87.53.162
>
> <- snip ->
>
> Here the public DNS server of Google :
>
> $ dig +ttlid stokkie.net @8.8.8.8
>
> ; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @8.8.8.8
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29668
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 21599 IN A 84.87.53.162
>
> <- snip ->
>
> Here's the second time Google :
>
> $ dig +ttlid stokkie.net @8.8.8.8
>
> ; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @8.8.8.8
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3080
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;stokkie.net. IN A
>
> ;; ANSWER SECTION:
> stokkie.net. 21600 IN A 84.87.53.162
>
> <- snip ->
>
> Is this proper behavior?

Yes, it is. The queried DNS servers are caching servers and answer from the cache. The first time, they get the result from the authoritative server with a TTL of 86400. When they serve the answer from the cache, they will reduce the TTL by the number of seconds since they got it from the authoritative server - i.e. the TTL would be 0 after one day and the caching server (or any server downstream) *must* get a new record from the authoritative server.

Though I find it interesting that the TTL of the Google DNS server *increases* between the queries - are you sure the order is right?

regards,
Erich
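
Added example (not part of the original mail): a short Python script that parses the dig output quoted above, takes the TTL of the answer carrying the aa flag as the zone TTL, and works out for each cached answer how long ago the record could have been fetched. It also flags a TTL that rose between two answers from the same address, the case raised for 8.8.8.8. The function names and the condensed DIG_OUTPUT sample are assumptions of this example.

```python
import re

# Condensed from the dig output quoted in the mail above: the banner, the
# flags line and the answer line of each query, in the order they were sent.
DIG_OUTPUT = """\
; <<>> DiG 9.8.1 <<>> +norecurse +ttlid stokkie.net @84.87.53.162
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
stokkie.net. 86400 IN A 84.87.53.162
; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @194.151.228.18
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
stokkie.net. 79291 IN A 84.87.53.162
; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @8.8.8.8
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
stokkie.net. 21599 IN A 84.87.53.162
; <<>> DiG 9.8.1 <<>> +ttlid stokkie.net @8.8.8.8
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
stokkie.net. 21600 IN A 84.87.53.162
"""

def parse_dig(text):
    """Return one dict per query: server, authoritative (aa flag set), ttl."""
    results, cur = [], None
    for line in text.splitlines():
        if m := re.match(r"; <<>> DiG .* @(\S+)$", line):
            cur = {"server": m.group(1)}
            results.append(cur)
        elif m := re.match(r";; flags: ([a-z ]+);", line):
            cur["authoritative"] = "aa" in m.group(1).split()
        elif m := re.match(r"\S+\s+(\d+)\s+IN\s+A\s+\S+$", line):
            cur["ttl"] = int(m.group(1))
    return results

def analyse(results):
    """Add max_age (seconds) and ttl_rose to every parsed answer."""
    zone_ttl = next(r["ttl"] for r in results if r["authoritative"])
    last_ttl = {}
    for r in results:
        # Upper bound on time spent in the cache: exact if the resolver kept
        # the full zone TTL, smaller if it caps TTLs at a lower maximum.
        r["max_age"] = None if r["authoritative"] else zone_ttl - r["ttl"]
        # A rise means the two answers are not one cache entry counting down
        # (a refetch, or a different cache answering on the same address).
        prev = last_ttl.get(r["server"])
        r["ttl_rose"] = prev is not None and r["ttl"] > prev
        last_ttl[r["server"]] = r["ttl"]
    return results

if __name__ == "__main__":
    for r in analyse(parse_dig(DIG_OUTPUT)):
        print(r)
```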