Friday, November 6, 2015

linux dns client cache ttl


Checking a cached TTL

To check what TTL a given entry currently has, use dig with the following switches. Without an @server argument dig asks the resolver configured in /etc/resolv.conf, so the TTL you get back is whatever that resolver's cache reports.

Example

$ dig +nocmd www.google.com +noall +answer | tail -1
www.google.com.     137 IN  A   74.125.225.82

$ dig +nocmd www.google.com +noall +answer | tail -1
www.google.com.     135 IN  A   74.125.225.115

So the TTL in the first response is 137 seconds; waiting about 2 seconds and running it again shows 135. The TTL is how much time is left before the resolver's cached copy of the entry expires. The recursive resolver counts it down from the value it originally received, and once it reaches zero the resolver has to go back to the authoritative server for the domain before it can answer again.

Checking the published (maximum) TTL

If we query one of the domain's authoritative servers directly (the @ argument):

$ dig @ns1.google.com +nocmd www.google.com +noall +answer | tail -1
www.google.com.     300 IN  A   74.125.225.210

So the TTL published for this entry is 300 seconds, and the 137 seen from the resolver was what remained of those 300 in its cache. An authoritative server always reports the full value because it serves the zone data itself rather than a cached copy.

NOTE: The authoritative servers for a zone are the ones listed in its NS records. The zone's SOA (Start of Authority) record names the primary master in its first field and carries the zone's timing parameters, but SOA is a record type, not another name for the authoritative server.
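As an added example, not part of the original post: a small Python script that parses dig +noall +answer output and turns the observed TTL into the two numbers a practitioner actually wants, how long ago the resolver fetched the record and how long it will keep serving it (the window during which a stale or poisoned entry persists). The dig output strings are constructed from the values shown above; the CNAME-chain sample and its hostnames are invented for illustration, and the cache-age calculation assumes the resolver caches the full published TTL rather than capping it.

```python
"""Interpret the TTLs printed by `dig +noall +answer`."""
import re
from typing import NamedTuple

# Constructed from the answers shown in the post (no live query is made).
RESOLVER_ANSWER = "www.google.com.     137 IN  A   74.125.225.82\n"
AUTHORITATIVE_ANSWER = "www.google.com.     300 IN  A   74.125.225.210\n"
# Constructed CNAME chain with made-up names: the alias is short-lived,
# the address it points at is not.
CHAIN_ANSWER = (
    "www.example.net.        60   IN CNAME edge.cdn-example.net.\n"
    "edge.cdn-example.net.   3600 IN A     192.0.2.10\n"
)


class RR(NamedTuple):
    name: str
    ttl: int
    rrclass: str
    rtype: str
    rdata: str


# owner  ttl  class  type  rdata  (the column layout of dig's answer section)
_RR_LINE = re.compile(r"^(\S+)\s+(\d+)\s+(IN|CH|HS)\s+(\S+)\s+(.+)$")


def parse_answer(text):
    """Parse an answer section into RR tuples; blank and ';' comment lines are skipped."""
    rrs = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        m = _RR_LINE.match(line)
        if m is None:
            raise ValueError(f"not a dig answer line: {line!r}")
        name, ttl, rrclass, rtype, rdata = m.groups()
        rrs.append(RR(name, int(ttl), rrclass, rtype, rdata.strip()))
    return rrs


def effective_ttl(rrs):
    """How long the whole answer stays usable: the shortest TTL in it.

    With a CNAME chain every record has its own TTL, so `tail -1`, which
    only looks at the final A record, can overstate how long the name
    keeps resolving to that address.
    """
    if not rrs:
        raise ValueError("empty answer section")
    return min(rr.ttl for rr in rrs)


def cache_age(observed_ttl, published_ttl):
    """Seconds since the recursive resolver fetched the record.

    Assumes the resolver stored the full published TTL and has been
    counting it down; a resolver that caps TTLs would look 'older'.
    """
    if not 0 <= observed_ttl <= published_ttl:
        raise ValueError("observed TTL must lie between 0 and the published TTL")
    return published_ttl - observed_ttl


def summarize(resolver_text, authoritative_text):
    """Combine a resolver answer and an authoritative answer for the same name."""
    observed = effective_ttl(parse_answer(resolver_text))
    published = effective_ttl(parse_answer(authoritative_text))
    return {
        "published_ttl": published,
        "remaining_ttl": observed,
        "cached_seconds_ago": cache_age(observed, published),
    }


if __name__ == "__main__":
    print(summarize(RESOLVER_ANSWER, AUTHORITATIVE_ANSWER))
    print("chain effective TTL:", effective_ttl(parse_answer(CHAIN_ANSWER)))
```

Feed it the output of the two dig commands above (resolver first, then the @ns1 query) and it reports that the resolver fetched www.google.com 163 seconds before the first run. The CHAIN_ANSWER case is why piping through tail -1 is a shortcut rather than a rule: the alias expires after 60 seconds even though its target is good for an hour.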

SOA information

You can query the domain further for its SOA record and the other records at the zone apex. The example below uses an ANY query; many authoritative servers now refuse ANY or answer it minimally (RFC 8482), so if nothing useful comes back, ask for the soa type explicitly instead.

$ dig +nocmd dyndns.org any +multiline +noall +answer
dyndns.org.     596 IN SOA ns1.dyndns.org. hostmaster.dyndns.org. (
                863998266  ; serial
                600        ; refresh (10 minutes)
                300        ; retry (5 minutes)
                604800     ; expire (1 week)
                600        ; minimum (10 minutes)
                )
dyndns.org.     85904 IN NS ns5.dyndns.org.
dyndns.org.     85904 IN NS ns1.dyndns.org.
dyndns.org.     85904 IN NS ns2.dyndns.org.
dyndns.org.     85904 IN NS ns3.dyndns.org.
dyndns.org.     85904 IN NS ns4.dyndns.org.
dyndns.org.     12268 IN MX 10 mail.dyndns.com.
dyndns.org.     12268 IN MX 20 mx2.mailhop.org.
dyndns.org.     179 IN A 204.13.248.116

Changing TTLs

The TTL of a record can only be changed in the zone data on the authoritative server (a registrar's or DNS provider's API or control panel just edits that same zone for you). Clients and recursive resolvers take the TTL as published; the most a resolver operator can do is cap how long their own cache keeps records.

Example

Within BIND you could set up your zone file like so:

;Zone file for exampleweb.com
$TTL 14400
@      86400    IN      SOA     ns.exampleweb.com. admin.exampleweb.com. (
2009022402      ; serial, todays date+todays
86400           ; refresh, seconds
7200            ; retry, seconds
3600000         ; expire, seconds
86400 )         ; minimum, seconds
exampleweb.com. 86400 IN NS   ns.exampleweb.com.
exampleweb.com. 86400 IN NS   ns1.exampleweb.com.
exampleweb.com.  IN A   209.59.139.21
localhost  IN A   127.0.0.1
exampleweb.com.  IN MX 0   exampleweb.com.
mail  IN CNAME  exampleweb.com.
www  IN CNAME   exampleweb.com.
ftp  IN A   209.59.139.21
cpanel  IN A   209.59.139.21
webmail  IN A   209.59.139.21

The $TTL directive at the top sets the default TTL, here 14400 seconds (4 hours), for every record that does not carry its own TTL. Records that specify one explicitly, such as the SOA and NS records with 86400, keep their own value. Note that the last SOA field, labelled minimum, no longer acts as a default record TTL: since RFC 2308 it is the negative-caching TTL, i.e. how long resolvers cache an NXDOMAIN answer for names in the zone.
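As an added example covering both the SOA fields and the $TTL behaviour, not part of the original post and not BIND's own parser: a Python script that loads the zone above (copied into the ZONE string), applies the $TTL default, keeps explicit TTLs, joins the parenthesised SOA, and reports the effective TTL of each record together with the SOA timers. Running it over a zone before a change shows which records resolvers will hold longest, which is the window a bad or rolled-back record lingers. It understands only the syntax used above ($TTL, $ORIGIN, plain records); quoted TXT data and other directives are out of scope, and the origin exampleweb.com. is assumed from the zone's own names.

```python
"""Effective per-record TTLs from a BIND zone: $TTL default vs explicit values."""
from typing import NamedTuple

# Constructed copy of the exampleweb.com zone from the post.
ZONE = """\
;Zone file for exampleweb.com
$TTL 14400
@      86400    IN      SOA     ns.exampleweb.com. admin.exampleweb.com. (
2009022402      ; serial, todays date+todays
86400           ; refresh, seconds
7200            ; retry, seconds
3600000         ; expire, seconds
86400 )         ; minimum, seconds
exampleweb.com. 86400 IN NS   ns.exampleweb.com.
exampleweb.com. 86400 IN NS   ns1.exampleweb.com.
exampleweb.com.  IN A   209.59.139.21
localhost  IN A   127.0.0.1
exampleweb.com.  IN MX 0   exampleweb.com.
mail  IN CNAME  exampleweb.com.
www  IN CNAME   exampleweb.com.
ftp  IN A   209.59.139.21
cpanel  IN A   209.59.139.21
webmail  IN A   209.59.139.21
"""

CLASSES = {"IN", "CH", "HS"}


class Record(NamedTuple):
    name: str        # fully qualified owner name
    ttl: int         # effective TTL after applying $TTL
    rtype: str
    rdata: tuple
    explicit: bool   # True when the record carried its own TTL


def _logical_lines(text):
    """Yield (owner_omitted, tokens) per record, joining ( ... ) continuations
    and dropping ';' comments. Quoted strings (TXT) are not handled."""
    buf, depth, owner_omitted = [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        if not buf:
            owner_omitted = line[:1].isspace()  # leading blank = same owner as before
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            tokens, buf = " ".join(buf).split(), []
            if tokens:
                yield owner_omitted, tokens
    if depth:
        raise ValueError("unbalanced parentheses in zone data")


def _absolute(name, origin):
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin="exampleweb.com."):
    default_ttl, owner, records = None, origin, []
    for owner_omitted, tokens in _logical_lines(text):
        if tokens[0] == "$TTL":            # applies to the records that follow it
            default_ttl = int(tokens[1])
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0].startswith("$"):
            raise ValueError(f"unsupported directive {tokens[0]}")
        if not owner_omitted:
            owner = _absolute(tokens.pop(0), origin)
        ttl = None
        while tokens and (tokens[0].isdigit() or tokens[0] in CLASSES):
            tok = tokens.pop(0)            # [ttl] and [class] may come in either order
            if tok.isdigit():
                ttl = int(tok)
        explicit = ttl is not None
        if not explicit:
            if default_ttl is None:        # modern BIND refuses to load such a zone
                raise ValueError(f"{owner} {tokens[0]}: no TTL and no $TTL directive")
            ttl = default_ttl
        records.append(Record(owner, ttl, tokens[0], tuple(tokens[1:]), explicit))
    return records


def ttl_of(records, name, rtype):
    """Effective TTL of the (name, type) RRset, i.e. what dig @ns would print."""
    ttls = {r.ttl for r in records if r.name == name and r.rtype == rtype}
    if len(ttls) != 1:
        raise LookupError(f"{name} {rtype}: {'absent' if not ttls else 'mixed TTLs in RRset'}")
    return ttls.pop()


def soa_fields(records):
    """SOA timers. The last one ('minimum') is the negative-caching TTL
    (RFC 2308), not a default record TTL; $TTL supplies that."""
    soa = next(r for r in records if r.rtype == "SOA")
    mname, rname, serial, refresh, retry, expire, minimum = soa.rdata
    return {"mname": mname, "rname": rname, "serial": int(serial),
            "refresh": int(refresh), "retry": int(retry),
            "expire": int(expire), "negative_ttl": int(minimum)}


if __name__ == "__main__":
    recs = parse_zone(ZONE)
    for r in recs:
        print(f"{r.name:26} {r.ttl:>6} {r.rtype:5} {' '.join(r.rdata):40} "
              f"{'explicit' if r.explicit else 'from $TTL'}")
    print(soa_fields(recs))
```

The listing shows the SOA and both NS records at 86400 (their own value) and everything else, including www, mail and localhost, at 14400 from $TTL, which is exactly the rule stated above. Records without an explicit TTL are marked so you can see at a glance which ones a later $TTL change would affect.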
