Could I please get a hand in understanding why if we lookup a DNS record that doesn’t exist, we must wait 1800 seconds before our name server will try to resolve it again?
Here’s what we’re testing:
- We are looking for a record that we know doesn’t exist yet.
- The Zone that we are looking in is hosted on Cloudflare.
- The way we are querying this is with https://dns.google.com/resolve?name=doesnotexist.example.com
So my questions:
- Is the default TTL in the Start of Authority (SOA) record what determines when other name servers will attempt to look for this doesnotexist.example.com name in the future?
- Is the default TTL configurable in Cloudflare?
- How come this article seems to suggest that the default TTL is 300 seconds (or is that the Automatic TTL, which only applies to DNS records that have already existed previously)?
Because here’s my testing:
C:\Users\somerandomuser>nslookup
Default Server:  google-public-dns-a.google.com
Address:  220.127.116.11

> set type=soa
> example.com
Server:  google-public-dns-a.google.com
Address:  18.104.22.168

Non-authoritative answer:
example.com
        primary name server = adi.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial  = xxxx354900
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry   = 2400 (40 mins)
        expire  = 604800 (7 days)
        default TTL = 3600 (1 hour)
> example.com
Server:  google-public-dns-a.google.com
Address:  22.214.171.124
I see the default TTL is set to 3600 seconds, but when I check out the dns.google.com resolver, I see that its TTL is always set to 1800 seconds. I try this with a record where I'm the first person to check and it always seems to start the count-down from
So is Google just halving the TTL arbitrarily, or is there some RFC that says this is what name servers should do?
I would love anyone's help here! Thanks.
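As an added example (not part of the original post): parsing the JSON that a dns.google.com/resolve lookup returns for a non-existent name and computing the negative-cache TTL as RFC 2308 section 5 defines it, the smaller of the SOA MINIMUM field and the TTL on the SOA record in the Authority section. The sample reply below is constructed to mirror the poster's SOA values; the serial and the 1800-second SOA TTL are placeholders.

```python
import json

# Constructed sample modelled on the JSON shape of https://dns.google.com/resolve
# for a name that does not exist (Status 3 = NXDOMAIN). Serial is a placeholder.
SAMPLE_NXDOMAIN = json.dumps({
    "Status": 3, "TC": False, "RD": True, "RA": True, "AD": False, "CD": False,
    "Question": [{"name": "doesnotexist.example.com.", "type": 1}],
    "Authority": [{
        "name": "example.com.", "type": 6, "TTL": 1800,
        "data": "adi.ns.cloudflare.com. dns.cloudflare.com. "
                "2000000000 10000 2400 604800 3600",
    }],
})

SOA_TYPE = 6   # RR type code for SOA
NXDOMAIN = 3   # RCODE for "name does not exist"


def parse_soa(rr):
    """Split SOA rdata (RFC 1035 section 3.3.13) into named fields, plus the RR's own TTL."""
    mname, rname, serial, refresh, retry, expire, minimum = rr["data"].split()
    return {"mname": mname, "rname": rname, "serial": int(serial),
            "refresh": int(refresh), "retry": int(retry),
            "expire": int(expire), "minimum": int(minimum), "ttl": int(rr["TTL"])}


def negative_cache_ttl(doh_json):
    """Return (soa_fields, seconds) for an NXDOMAIN DoH JSON reply.

    RFC 2308 section 5: the negative answer is cached for
    min(SOA MINIMUM field, TTL of the SOA record in the Authority section).
    Raises ValueError if the reply is not NXDOMAIN or carries no SOA,
    in which case a resolver has nothing to cache negatively.
    """
    resp = json.loads(doh_json)
    if resp.get("Status") != NXDOMAIN:
        raise ValueError("not an NXDOMAIN response")
    soas = [rr for rr in resp.get("Authority", []) if rr.get("type") == SOA_TYPE]
    if not soas:
        raise ValueError("no SOA in Authority section")
    soa = parse_soa(soas[0])
    return soa, min(soa["minimum"], soa["ttl"])


if __name__ == "__main__":
    soa, ttl = negative_cache_ttl(SAMPLE_NXDOMAIN)
    print(f"SOA MINIMUM={soa['minimum']}s, SOA RR TTL={soa['ttl']}s "
          f"-> negative cache TTL {ttl}s")
```

In the sample the SOA record's own TTL (1800) is lower than the MINIMUM field (3600), so the negative answer is cacheable for 1800 seconds; with the two swapped the 3600-second MINIMUM would govern.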