I think we are beginning to go around in circles here ....

CF wrote ...

> According to what you are saying a DNS server (which is doing look ups to
> find places) always looks to the source to get the authoritative IP address.
>
> That means if you are running a DNS server at M$ you would be flooded with
> requests from every DNS server in the world (or nearly every DNS server in
> the world) on a regular basis asking what the IP address for Microsoft.com
> is.

If the TTL has expired, then yes, it would be like that. Since the TTL hasn't expired, an "I saw this before" answer from a nearer DNS server is acceptable.

Luuk wrote

I think there is still a misunderstanding going on about how DNS servers cache. The caches do not "update themselves" every so often. When a request is made (using Nick's www.clug.geek.nz) it will ask the .nz server which asks the .geek.nz server and so on. When the address is found, the four levels of DNS server that it has passed through will cache the result. When the address has been in the cache of each server for the TTL specified by the authoritative server, the address is deleted from the cache. If a request is made while the address is in the cache it will return the result, but once the address has been deleted it will not be re-cached until someone else requests that address.

Another way the entry can be deleted is if the server has a cache size limit. Once this limit is reached the server will start dropping cache entries by some algorithm (last accessed longest ago / been in cache the longest / randomly).

Shane is now writing ....

Here is what we are agreed on ...

DNS servers discover a new address by working their way upstream / downstream from the biggest part of the address to the smallest.

e.g. (a very huge simplification of the process.) to get someServer.hairyGeek.co.nz a remote DNS would go

Whereis NZ's ip address or master DNS
Hello NZ, what is Hairy Geek's ip address
Hello Hairy Geek where is someServer's ip address.

However we are also agreed that at some stage addresses are forgotten and also addresses are cached.

We are also agreed you do not always go to the source to find an address, rather you can get it from an 'upstream' trusted DNS server's cache.

Having all agreed on that (I hope) that brings us back to the thing someone originally picked me up on.... if it is faster to disperse IP changes from a backbone or the small pimple on the butt of the internet DNS server.

It is still my contention that to make an internet wide change of IP address, one that will eventually affect all caches and all DNS's then it is better to do it from a central location with lots of traffic (especially DNS traffic) if you want to get the fastest possible way of spreading the changes.

This however does not apply to new addresses. It also doesn't mean a change will not be spread from the pimple of the internet, just that it will take longer.

This length of time would be especially important to someone using one of those dynamic DNS lookups such as zoneedit. If your ip changes, you want that change spread as fast as possible so there is as little ooops where is that machine now as possible.

Does this sum it all up?

shane

--
Shane Hollis
Notes Unlimited New Zealand
Ph: 021 465 547
Email: [EMAIL PROTECTED]
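
An added example, not part of the thread: a toy model of the cache behaviour described in the message above (an answer is cached when requested, served until the authoritative TTL runs out, fetched again only on the next request, and dropped early when the cache is full). The class name, the 192.0.2.x addresses and the two extra hostnames are constructed for illustration; the least-recently-used policy is one of the eviction options mentioned.

```python
from collections import OrderedDict

class CachingResolver:
    """Toy caching resolver: cache on lookup, expire by TTL, evict when full."""

    def __init__(self, upstream, max_entries=2):
        self.upstream = upstream        # callable: name -> (ip, ttl_seconds)
        self.max_entries = max_entries  # cache size limit
        self.cache = OrderedDict()      # name -> (ip, expires_at), oldest use first
        self.upstream_queries = 0

    def resolve(self, name, now):
        entry = self.cache.get(name)
        if entry and now < entry[1]:
            self.cache.move_to_end(name)    # mark as most recently used
            return entry[0], "cache"
        # Expired or absent: nothing refreshed it in the meantime, so ask again.
        self.cache.pop(name, None)
        ip, ttl = self.upstream(name)
        self.upstream_queries += 1
        self.cache[name] = (ip, now + ttl)
        if len(self.cache) > self.max_entries:
            self.cache.popitem(last=False)  # drop the least recently used entry
        return ip, "upstream"

def demo():
    # Constructed zone data: authoritative answer and TTL in seconds.
    zone = {"www.clug.geek.nz": ("192.0.2.10", 300),
            "mail.example.nz": ("192.0.2.20", 300),
            "ftp.example.nz": ("192.0.2.30", 300)}
    r = CachingResolver(lambda n: zone[n], max_entries=2)
    name = "www.clug.geek.nz"
    out = [r.resolve(name, 0),        # first request goes upstream
           r.resolve(name, 100)]      # answered from cache
    zone[name] = ("192.0.2.99", 300)  # the record changes at the source
    out.append(r.resolve(name, 200))  # cache still serves the old address
    out.append(r.resolve(name, 301))  # TTL over: new address is fetched
    r.resolve("mail.example.nz", 302)
    r.resolve("ftp.example.nz", 303)  # cache full: www entry is evicted
    out.append(r.resolve(name, 304))  # upstream again despite unexpired TTL
    return out, r.upstream_queries

if __name__ == "__main__":
    for step in demo()[0]:
        print(step)
```

In this model the old address is served from the cache for the remainder of the TTL that was in force when the entry was stored.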
