>Just an FYI -- the idea of uncontrolled "DNS propagation" is mostly a
>myth.  The amount of time between making a DNS change and having the DNS
>entries used by 100% of the Internet is under your control in most
>cases.  Essentially, it's [1] the TTL value for the DNS record in question
>plus [2] the amount of time it takes your backup DNS servers to update when
>the information is changed on the primary DNS server.

> Low TTLs are definitely not the solution IMO.

It's not a solution -- it's just there. You're the one that complained about DNS propagation time, and I was just clarifying the issue. It's the same whether you have a low TTL or a high TTL.


> Not just some, but many providers override it.

FWIW, I know a lot about DNS (have you been to http://www.DNSreport.com or http://www.DNSstuff.com lately?), both from what I've learned over the years, and from problems people have come to me with.


Although I have often heard rumors (like yours!) that "many ISPs" will cache DNS beyond what they are supposed to, I haven't seen a single confirmed case. Don't say "Many providers override it"; say "I think many providers override it" or "I've heard that many providers override it." I've already told you about the many rumors and no facts, now you're just stating your opinion without backing it up. If you can back it up, that's great -- it would be nice to have evidence of this.

> In addition, super low default TTLs on very busy and populated DNS servers can cause quite a load.

I never said super low TTLs were a good thing. :) My advice applies whether you have a 60 second TTL or an 86400 second (1 day) TTL. The reason DNS caching was designed was to reduce the load, so low TTLs are normally frowned upon.

FWIW, many major sites are down to 1 hour TTLs. Google is at 1 hour; ARIN (network gurus!) are at 3 hours (they were at 1 hour). Common belief is that they do this in case of attacks. I don't buy that, but who knows?

> Many times I have lowered TTLs temporarily anticipating a change,
> however, I would not make a practice of it permanently.

And that's great for you -- but provides absolutely no information. :)


I think the problem for many of the people who think there is a DNS caching conspiracy is that they don't realize that you can't change the TTL after a DNS record is cached somewhere. So if you've had a 24 hour TTL on your MX record for months now, and change it to 1 hour, you have to wait 24 hours before all DNS servers will have the new TTL. It's only after the *old* TTL expires that the new one will take effect.

That causes a major problem in troubleshooting other people's DNS issues. When someone says "Yeah, I lowered the TTL to 1 hour, but it is still cached at many places!", it is impossible to find the old TTL unless someone happens to remember it.

AFAIK, there aren't any commercial DNS programs (BIND, Microsoft DNS, etc.) that can violate the RFCs by altering the TTL value. I'm sure there are some people out there that do it (someone suggested that RoadRunner is doing this -- which wouldn't surprise me). But there is no hard evidence yet.

-Scott
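As an added illustration that is not part of the thread, the simulation below models one caching resolver against a primary/secondary pair to show the two components named above: the old TTL already frozen in caches when the change is made, plus the lag before the secondary picks up the new zone. The record values, the 1-day and 1-hour TTLs and the 2-hour refresh interval are constructed, and the secondary is assumed to copy the primary only on its refresh timer (no NOTIFY).

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    value: str  # e.g. the MX target
    ttl: int    # seconds


class Zone:
    """Primary holds the live record; the secondary re-copies it only
    on its SOA refresh timer (assumption: no NOTIFY)."""
    def __init__(self, record: Record, refresh: int):
        self.history = [(0, record)]  # (time, record) as changed on the primary
        self.refresh = refresh

    def change(self, now: int, record: Record) -> None:
        self.history.append((now, record))

    def primary(self, now: int) -> Record:
        return [r for t, r in self.history if t <= now][-1]

    def secondary(self, now: int) -> Record:
        # Secondary reflects the primary as of its most recent refresh tick.
        return self.primary(now - now % self.refresh)


class Resolver:
    """Caching resolver that always asks the secondary (the worst case)."""
    def __init__(self, zone: Zone):
        self.zone, self.cached, self.expires = zone, None, 0

    def lookup(self, now: int) -> Record:
        if self.cached is None or now >= self.expires:
            self.cached = self.zone.secondary(now)
            self.expires = now + self.cached.ttl  # TTL is fixed at cache time
        return self.cached


def seconds_until_new_seen(resolver, new, start, change_at, horizon=200_000):
    """Poll once per second from `start`; return seconds after the change
    at which the resolver first answers with the new value (-1 if never)."""
    for now in range(start, start + horizon):
        if resolver.lookup(now).value == new.value:
            return now - change_at
    return -1


def worked_example() -> dict:
    old = Record("mx1.example.net", 86400)  # constructed: 1-day TTL
    new = Record("mx2.example.net", 3600)   # constructed: lowered to 1 hour
    zone = Zone(old, refresh=7200)          # secondary refreshes every 2 h
    change_at = 1
    before = Resolver(zone)
    before.lookup(change_at)                # cached the old record just before the change
    zone.change(change_at, new)
    stale = Resolver(zone)                  # first asks 1 h later, secondary still stale
    fresh = Resolver(zone)                  # first asks just after the 2 h refresh tick
    return {
        "cached_before_change": seconds_until_new_seen(before, new, change_at, change_at),
        "hit_stale_secondary": seconds_until_new_seen(stale, new, change_at + 3600, change_at),
        "asked_after_refresh": seconds_until_new_seen(fresh, new, change_at + 7200, change_at),
    }
```

The resolver that cached before the change waits the full old TTL (86400 s), the one that fetched from the not-yet-refreshed secondary waits its fetch delay plus the old TTL (90000 s), and only the resolver that first asked after the refresh tick picks up the new record and its 1-hour TTL right away.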