[dns-operations] caches only resetting TTL? was Re: Where to find "DNS resolution path corruption"?

sthaug at nethelp.no sthaug at nethelp.no
Tue Feb 26 16:49:18 UTC 2008


> > In short, you suggest that historic paths might still be used. IIMHO
> > that is a software bug, as it seems to violate protocol. 
> 
> The experience we have, or rather complaints, is that when a domain is transferred, and the old nameservers stay authoritative for the zone, its false data keeps getting used long after we have changed the delegation. The complaint is that this is still the case after the original TTL has expired.
> 
> Now of course the zone should be deleted at the old nameservers, but ISPs are not so fast in doing that as it doesn't create revenue, and they have lost their customer already anyway.

The ISP running the old name servers may not even *know* that the domain
has been transferred - because neither the customer nor the registrar
bothered to inform the ISP.

> So I'm curious where this behaviour originates from, so I have a stick to beat the ISPs to delete old authoritative zones.
> Is it broken caching resolvers, ISPs caching longer than the zone's TTL, or is it in algorithms resolvers use to update their cache?

There are unfortunately plenty of cases where recursive and authoritative
name service still runs on the same server. So as long as the zone isn't
deleted, the name server will answer authoritatively - and this being one
of the ISP's recursive name servers, will be used by lots of clients.

Steinar Haug, Nethelp consulting, sthaug at nethelp.no
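
An audit for the situation described in this message, added here as an example and not part of the original post: for every zone a server still hosts, compare the parent's referral with the server's own names and flag zones whose delegation has moved away. The zone names, server names, referral text and function names are constructed assumptions; the parser expects default `dig +norecurse NS <zone> @<parent-server>` output.

```python
# Added example. Zone names, server names and referral text are constructed.
# Each referral is what `dig +norecurse NS <zone> @<parent-server>` prints by default.
SAMPLE_REFERRALS = {
    "moved.example.": """;; AUTHORITY SECTION:
moved.example.   172800  IN  NS  ns1.newhost.example.
moved.example.   172800  IN  NS  NS2.NewHost.example.
""",
    "kept.example.": """;; AUTHORITY SECTION:
kept.example.    172800  IN  NS  ns1.oldisp.example.
kept.example.    172800  IN  NS  ns2.newhost.example.
""",
    "dropped.example.": """;; AUTHORITY SECTION:
example.  900  IN  SOA  a.nic.example. hostmaster.nic.example. 1 1800 900 604800 86400
""",
}


def norm(name):
    """Lower-case a DNS name and give it exactly one trailing dot."""
    return name.strip().lower().rstrip(".") + "."


def delegated_ns(zone, dig_text):
    """NS targets the parent lists for `zone` (owner, TTL, class, type, rdata)."""
    targets = set()
    for line in dig_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue
        if fields[3].upper() == "NS" and norm(fields[0]) == norm(zone):
            targets.add(norm(fields[4]))
    return targets


def audit(hosted_zones, my_server_names, referrals):
    """Classify every zone still configured on this server."""
    mine = {norm(n) for n in my_server_names}
    report = {}
    for zone in map(norm, hosted_zones):
        if zone not in referrals:
            report[zone] = "unknown"        # no referral captured yet
            continue
        ns = delegated_ns(zone, referrals[zone])
        if not ns:
            report[zone] = "undelegated"    # parent no longer delegates the name
        elif ns & mine:
            report[zone] = "delegated"      # we are still in the NS set
        else:
            report[zone] = "stale"          # delegation moved; candidate for removal
    return report
```

Zones reported as `stale` or `undelegated` are the ones a combined recursive and authoritative server would keep answering from its own copy.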


