Author Topic: Two DNS Servers, different A records  (Read 680 times)

lagranz (OP)

Two DNS Servers, different A records
« on: March 22, 2017, 02:36:30 AM »
Hello all,

I have a specific situation, and since I'm not that experienced with DNS servers I would really appreciate your help.

Domain test_domain.com has public nameservers ns1.test_domain.com and ns2.test_domain.com.

Both of these servers have different A records, as you can see from the image.



Now, the configuration of the network is like this:
1. When Primary link is up, backup link is down, and so only DNS Server 1 is visible from the Internet.
2. When Backup link is up, primary link is down, and so only DNS Server 2 is visible from the Internet.

Assuming that the TTL of the A records is 60s, the question is: when the primary link goes down and the backup link goes up, how long before DNS Server 2 records are visible from the Internet?

Thanks.

SimonV

« Reply #1 on: March 22, 2017, 03:39:21 AM »
Moved to Homework Help

My answer: records are visible immediately when you have connectivity, unless you already have a record in your cache from the other server. Then you have to wait for the TTL to expire.
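
To make the timing discussed in this thread concrete, here is an added example (not part of any post): a small simulation of a caching resolver using the question's 60s TTL. The addresses, the instant link switch and the `min_ttl` cache floor are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed values: documentation-range addresses stand in for the two A records.
SERVER1_A = "192.0.2.10"      # served by DNS Server 1 (primary link)
SERVER2_A = "198.51.100.10"   # served by DNS Server 2 (backup link)
TTL = 60                      # seconds, as stated in the question


def authoritative_answer(now: int, failover_at: int) -> str:
    """Only one server is reachable at a time; assumes the link switch is instant."""
    return SERVER1_A if now < failover_at else SERVER2_A


@dataclass
class CachingResolver:
    min_ttl: int = 0              # hypothetical local floor on cache lifetime
    cached: Optional[str] = None
    expires: int = 0

    def resolve(self, now: int, failover_at: int) -> str:
        # Ask the authoritative side only when nothing is cached or the entry expired.
        if self.cached is None or now >= self.expires:
            self.cached = authoritative_answer(now, failover_at)
            self.expires = now + max(TTL, self.min_ttl)
        return self.cached


def delay_after_failover(last_refresh: Optional[int], failover_at: int,
                         min_ttl: int = 0, horizon: int = 3600) -> Optional[int]:
    """Seconds after failover until a resolver polled once per second sees Server 2."""
    resolver = CachingResolver(min_ttl=min_ttl)
    if last_refresh is not None:
        resolver.resolve(last_refresh, failover_at)   # prime the cache beforehand
    for t in range(failover_at, failover_at + horizon):
        if resolver.resolve(t, failover_at) == SERVER2_A:
            return t - failover_at
    return None


if __name__ == "__main__":
    F = 1000  # constructed failover time, in seconds
    print("empty cache:", delay_after_failover(None, F))
    print("cached 10s before failover:", delay_after_failover(F - 10, F))
    print("worst case:", max(delay_after_failover(t, F) for t in range(F - TTL, F)))
    print("resolver with 300s floor:", delay_after_failover(F - 10, F, min_ttl=300))
```

A resolver that honours the TTL sees the new record within one TTL of the switch; one that enforces its own longer cache lifetime keeps the old record until that lifetime runs out.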

ristau5741

« Reply #2 on: March 22, 2017, 07:04:30 AM »
Usually it's 24 - 36 hours for DNS changes to propagate to all reaches of the internet (e.g. Elbonia). At least it used to be....
 
:professorcat:

Good, Fast, or Cheap, you can only select 2 of the 3.

deanwebb

« Reply #3 on: March 22, 2017, 10:38:14 AM »
> Usually it's 24 - 36 hours for DNS changes to propagate to all reaches of the internet (e.g. Elbonia). At least it used to be....

When I changed over to the new host, both records were available immediately, but the old ones had to eventually age out over a 36-hour period. Most major DNS systems had the old records aged out after about 4 hours, one or two took 6 hours, and that was that. The rest of the DNS in the world, more minor systems under corporate control, each had their own settings for settling the records issue.

DNS replication is some fascinating stuff, I tell you what.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!

SimonV

« Reply #4 on: March 22, 2017, 12:41:26 PM »
> > Usually it's 24 - 36 hours for DNS changes to propagate to all reaches of the internet (e.g. Elbonia). At least it used to be....
>
> When I changed over to the new host, both records were available immediately, but the old ones had to eventually age out over a 36-hour period. Most major DNS systems had the old records aged out after about 4 hours, one or two took 6 hours, and that was that. The rest of the DNS in the world, more minor systems under corporate control, each had their own settings for settling the records issue.
>
> DNS replication is some fascinating stuff, I tell you what.

But in those cases, did you lower the TTL? All forwarders should flush the record after the TTL expires, so if you bring it down to a couple of minutes it should be quite smooth. We do this quite often to migrate to new webservers and never had replication issues.

deanwebb

« Reply #5 on: March 22, 2017, 01:44:59 PM »
Whatever Network Solutions did, that's what the TTL got set to.

lagranz (OP)

« Reply #6 on: March 23, 2017, 03:21:13 AM »
Okay, so if I understand correctly, since TTL is 60s, after 60s or so are new records propagated?

deanwebb

« Reply #7 on: March 23, 2017, 08:08:55 AM »
> Okay, so if I understand correctly, since TTL is 60s, after 60s or so are new records propagated?

That's one way of putting it. Understanding TTL is very important in networking, not just for DNS.

TTL in this case means that 60s after the record is received, a DNS server with the record will request a new record and not use this one any more. Once it gets the new record, it will retain that until the TTL on that record expires.

In other areas of networking, TTL can define the amount of time a device will await a response on a packet sent out before resending that packet. Once the resend count is at maximum value, the device will give up on the communication. For example, with a TTL of 10s and a resend value of 3, a device will stop communication attempts 30s after initiating it, if it receives no response.