[Clug-tech] Update frequency of Shaw DNS?
Gustin Johnson
gustin at echostar.ca
Wed Jan 21 07:32:43 PST 2009
Martin Glazer wrote:
> This is a timely topic as I just had to make some changes to my DNS
> this morning.
>
> I use dyndns for a number of hosts and I made a change this morning to
> one of them. I found that within a few minutes, the Shaw DNS servers had
> been updated. Same with Telus DNS servers (I have clients using both).
>
> I was surprised by the speed of the updates...
>
Dyndns uses a TTL (time to live) of 60 seconds. This means that a
properly configured DNS server will only cache lookups for that long.
There was a time not too long ago (during the time when Shawn made his
post) when Shaw's DNS servers did not pay attention to that field.

If you want to find out how long your TTL is, use dig:

    dig www.shaw.ca

    ;; ANSWER SECTION:
    www.shaw.ca. 43200 IN A 204.209.208.8

The 43200 value is the TTL in seconds. So in theory a DNS server should
cache the response for no more than 12 hours in this case.

Having said that, DNS is, more often than not, improperly set up. 25% of
the publicly reachable DNS servers on the net are still not patched to
prevent the spoofing attack detailed by Dan Kaminsky. DNS servers are
also quite often short on resources, be it hardware or bandwidth, which
is why many people have tangible improvements in their internet
experience by using 3rd party DNS servers such as easydns or opendns.
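
Added example, not part of the original message: a Python check that reads the ANSWER SECTION of saved dig output from a caching resolver and flags answers that ignore the published TTL, the behaviour described above. The host name, addresses, sample answers and function names are constructed for illustration, and the record is assumed to have had the same TTL before and after the change.

```python
from collections import namedtuple

Answer = namedtuple("Answer", "name ttl rtype rdata")

def parse_answers(dig_output):
    """Return the records listed in the ANSWER SECTION of dig's text output."""
    answers, in_section = [], False
    for line in dig_output.splitlines():
        line = line.strip()
        if line.startswith(";; ANSWER SECTION"):
            in_section = True
        elif in_section:
            if not line or line.startswith(";"):
                break  # a blank line or the next section ends the answers
            fields = line.split(None, 4)  # name, TTL, class, type, rdata
            if len(fields) == 5 and fields[1].isdigit():
                answers.append(Answer(fields[0], int(fields[1]), fields[3], fields[4]))
    return answers

def ttl_violations(auth_ttl, old_rdata, samples):
    """samples: (seconds since the record was changed, dig output from the resolver).
    Flags answers whose TTL exceeds the authoritative one, and answers that
    still carry the old rdata after the authoritative TTL has run out."""
    findings = []
    for elapsed, output in samples:
        for ans in parse_answers(output):
            if ans.ttl > auth_ttl:
                findings.append((elapsed, "ttl-inflated", ans.rdata))
            if ans.rdata == old_rdata and elapsed > auth_ttl:
                findings.append((elapsed, "stale", ans.rdata))
    return findings

# Constructed resolver answers for a hypothetical host with a 60-second TTL
# whose A record was changed from 192.0.2.10 to 192.0.2.20 at elapsed = 0.
def _dig(ttl, addr):
    return (";; ANSWER SECTION:\nhost.example.org.\t%d\tIN\tA\t%s\n\n"
            ";; Query time: 1 msec\n" % (ttl, addr))

SAMPLES = [(30, _dig(30, "192.0.2.10")),    # old answer, still inside its TTL
           (90, _dig(3600, "192.0.2.10")),  # old answer after expiry, TTL raised
           (120, _dig(60, "192.0.2.20"))]   # new answer with the published TTL

if __name__ == "__main__":
    for finding in ttl_violations(60, "192.0.2.10", SAMPLES):
        print(finding)
```

Only the 90-second sample is flagged: the old address is still being served after the 60-second TTL ran out, and with a TTL larger than the one published.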