I guess I forgot to note the following point. The DNS for the domains in question is not being moved either to or from any of the providers in question, but from a US-based webhost to an NZ-based one. The records (including SOA) all have a TTL of 14400; old records are still being served by some providers more than 24 hours later.


Regards,

Cameron Bradley


From: nznog-bounces@list.waikato.ac.nz [mailto:nznog-bounces@list.waikato.ac.nz] On Behalf Of Mark Foster
Sent: Wednesday, 28 March 2012 13:21
To: Mauricio Freitas; nznog@list.waikato.ac.nz
Subject: Re: [nznog] DNS TTL Mangling

Mauricio,

What you're describing sounds to me more like 'legacy zone files & config left behind' and is relatively common (as the removal of zone files is a manual process as part of the deprovisioning work, and is often overlooked, if not by the customer then certainly by the DNS host losing the business). A very old problem.

As opposed to the OP's point; ignoring the TTL specified by the manager of a domain name and imposing your own TTL strikes me as just plain 'bad'; some TTLs are low on purpose (DNS load balancing) and some are manually lowered prior to changes (such as moving ISPs and relocating mail servers, etc.) and ISPs ignoring this are causing service problems for their customers, rather than the (presumed) rationale of load reduction.

I'd love to see an ISP come up with justification for ignoring the zone-specified TTL. I don't see how anyone can justify being so selective in what DNS results they pass on direct, and which ones they fudge; what's next, full-on DNS hijacking because ISP-knows-best?

Mark.


On 28/03/12 13:15, Mauricio Freitas wrote:

I know of cases where people used to host DNS with a large ISP and after moving NS to other providers have to contact said ISP to “reset” DNS because their servers kept serving the old records for days… Even though people go on record saying “our servers respect TTLs” it seems some don’t…

Cheers


Mauricio Freitas

www.geekzone.co.nz

www.freitasm.com 

www.twitter.com/freitasm

From: nznog-bounces@list.waikato.ac.nz [mailto:nznog-bounces@list.waikato.ac.nz] On Behalf Of Craig Whitmore
Sent: Wednesday, 28 March 2012 1:11 p.m.
To: Cameron Bradley; NZNOG Mailing-List
Subject: Re: [nznog] DNS TTL Mangling


> It has come to my attention in the course of moving the DNS for a number of domains that several of the ISPs in this country are mangling the TTLs on records queried by their recursive DNS servers. This behaviour seems to me to be undesirable in situations where someone may have set a record to a shorter TTL to facilitate smoother movement between hosting providers. In the cases I’m seeing, records with TTLs of 14400 are being handed out with TTLs of 86400 by the service provider’s servers.


If an ISP (or anyone) is breaking/changing TTLs (and maybe other stuff in DNS) on purpose, I would think IMHO this is bad. I think this would make DNSSEC signed zones fail, plus the other stuff you have said, as the ISP is playing around with it.


Maybe you don't want to name who you think is doing it, but maybe if anyone is doing this, they may want to comment on the reasoning behind it.


Thanks

Craig
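A check for both behaviours raised in this thread, added here as an example and not code posted by any of the list members: it compares what a recursive resolver hands out with the authoritative answer and flags a TTL above the zone's value, or old rdata still being served after the zone TTL has elapsed. The dnspython dependency, the server addresses and the sample figures (zone TTL 14400, resolver TTL 86400, documentation-range addresses) are assumptions and constructed data.

```python
"""Compare what a recursive resolver hands out with the authoritative answer,
to spot inflated TTLs and stale data served past expiry (see thread above)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Probe:
    t: float          # seconds since the first probe of this resolver
    ttl: int          # TTL the recursive resolver returned
    rdata: frozenset  # rdata strings it returned


def audit_resolver(auth_ttl, auth_rdata, probes):
    """Findings for one name at one recursive resolver:
    'ttl_inflated'      a returned TTL exceeds the authoritative TTL (a cache
                        may only count down from auth_ttl, never up);
    'stale_past_expiry' rdata still differs from authoritative more than
                        auth_ttl seconds after the first probe."""
    auth_rdata = frozenset(auth_rdata)
    findings = []
    if any(p.ttl > auth_ttl for p in probes):
        findings.append("ttl_inflated")
    if any(p.t > auth_ttl and p.rdata != auth_rdata for p in probes):
        findings.append("stale_past_expiry")
    return findings


def query_server(name, rdtype, server_ip, timeout=3.0):
    """One query straight to server_ip (authoritative or recursive); returns
    (ttl, frozenset of rdata text) or None. Assumes dnspython is installed;
    imported lazily so the audit logic above runs without it."""
    import dns.message
    import dns.query
    q = dns.message.make_query(name, rdtype)
    r = dns.query.udp(q, server_ip, timeout=timeout)
    for rrset in r.answer:
        if rrset.rdtype == q.question[0].rdtype:
            return rrset.ttl, frozenset(rd.to_text() for rd in rrset)
    return None


if __name__ == "__main__":
    # Constructed figures matching the thread: zone TTL 14400, a new A record,
    # and a resolver answering TTL 86400 and, two days on, still the old address.
    auth_ttl, auth_a = 14400, {"203.0.113.10"}
    seen = [Probe(0, 86400, frozenset({"198.51.100.7"})),
            Probe(2 * 86400, 86400, frozenset({"198.51.100.7"}))]
    print(audit_resolver(auth_ttl, auth_a, seen))
    # Live: feed query_server(name, "A", auth_ns_ip) / (..., recursor_ip) probes
```

For a live run, take the authoritative values from one of the zone's listed NS addresses and collect Probe entries from the ISP recursor over a period longer than the zone TTL.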

_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog