On Mon, 1 Sep 2003, Shane Hollis wrote:
> The DNS is a semi-hierarchical system from my understanding. The master DNS
> (to use a phrase loosely) are based in the states. My provider in the states
> is on the main backbone. Therefore changes get sent out much more rapidly and
> from a centrally located place, not from a little backwater like NZ.
>
> If I change a DNS here in NZ, it is like injecting an agent into the tip of a
> whale's tail. It takes a long time to propagate through the system. If I inject
> into the heart it is sent out a lot more quickly and spreads like a ripple
> from the centre of the pond, not from the edge. (some very mixed similes
> here).

That's not how the DNS works.

The DNS is organised as a hierarchy purely for the purpose of splitting out where answers come from into separate entities, so that there is no single central set of servers who are responsible for "all" answers. The root servers only know about domain names which are at the global level, and that knowledge is limited to where to find answers. The servers they point to have knowledge about the deeper parts of the DNS, and in turn may point to other servers which in turn know more about even deeper parts.

So when you look up, say, "hairy.geek.nz", there are a number of queries which are sent out. The first is to find out who is authoritative for .nz, and on asking the root servers a list of nameservers will be returned. Then, we ask one of those nameservers who is authoritative for geek.nz, and a list of nameservers will be returned. We then ask one of those nameservers who is responsible for hairy.geek.nz and a list of nameservers is returned. Finally, we now have a set of nameservers to which we can ask questions about hairy.geek.nz.

I've simplified it, because the queries are not exactly that, but the net effect is the same: We keep looking for an authoritative server deeper and deeper into the name.

Now, the problem with this system is it takes a while (not long, seconds, but long enough) and that it involves a lot of queries and network traffic as a result. So the answers given are _cached_, which means you get answers quicker, and there's less traffic which means the 'net will actually function. :) How long it is cached for is determined by the TTL on the answer itself, which is tunable per-answer.

Thus, how long it takes for a change to propagate has nothing to do with the depth in the tree, it depends on what parts of the answer are cached, and how long they are cached for. Since a name which has never been asked for before is never able to be cached (beyond negative response caching, but that's usually not long), the propagation time for a new entry at any level is basically zero.

A name that has already been looked up will take as long as its TTL to "propagate", or more accurately, for the cached copies to expire and new copies be asked for. This can be up to 48 hours, but it is entirely tunable. It can be as low as 1 second if you wish, but I wouldn't suggest doing that :)

The important thing to understand is that it DOES NOT MATTER where you are in the network, the propagation time is entirely based on caching of the answers, and nothing else.

-- 
David Zanetti           |  (__)
#include <geek/unix.h>  |  ( oo    Mooooooo
http://hairy.geek.nz/   | /(_O ./
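
The delegation walk and TTL caching described in the message above, as an added example that is not part of the original post: a toy caching resolver with a simulated clock, showing a changed record staying stale until its TTL expires while a brand-new name is visible at once. The server names, addresses and TTLs are constructed for illustration, and the walk is simplified in the same way the message simplifies it.

```python
import copy

# Constructed zone data: server -> {name: (type, value, TTL seconds)}.
# Server names and addresses are made up for illustration.
ZONES = {
    "root":        {"nz": ("NS", "nz-server", 172800)},
    "nz-server":   {"geek.nz": ("NS", "geek-server", 86400)},
    "geek-server": {"hairy.geek.nz": ("A", "192.0.2.10", 3600)},
}

class CachingResolver:
    def __init__(self, zones):
        self.zones = zones
        self.cache = {}    # (name, type) -> (value, expiry time)
        self.queries = 0   # queries actually sent to authoritative servers

    def _lookup(self, server, name, rtype, now):
        hit = self.cache.get((name, rtype))
        if hit and hit[1] > now:          # still within its TTL: no traffic
            return hit[0]
        self.queries += 1
        rec = self.zones[server].get(name)
        if rec is None or rec[0] != rtype:
            return None                   # negative answers are not cached here
        self.cache[(name, rtype)] = (rec[1], now + rec[2])
        return rec[1]

    def resolve(self, name, now):
        labels, server = name.split("."), "root"
        # Follow referrals from the top of the name down: nz, then geek.nz, ...
        for i in range(len(labels) - 1, 0, -1):
            server = self._lookup(server, ".".join(labels[i:]), "NS", now)
            if server is None:
                return None
        return self._lookup(server, name, "A", now)

def demo():
    zones = copy.deepcopy(ZONES)
    r = CachingResolver(zones)
    first = r.resolve("hairy.geek.nz", now=0)          # 3 queries, all cached
    # The zone owner changes one record and adds a new one.
    zones["geek-server"]["hairy.geek.nz"] = ("A", "192.0.2.99", 3600)
    zones["geek-server"]["new.geek.nz"] = ("A", "192.0.2.20", 3600)
    stale = r.resolve("hairy.geek.nz", now=3599)       # old answer, from cache
    fresh_name = r.resolve("new.geek.nz", now=3599)    # never cached: seen at once
    updated = r.resolve("hairy.geek.nz", now=3600)     # TTL expired: new answer
    return first, stale, fresh_name, updated, r.queries
```
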
