
I need to get the latest A records of a DNS name in a script. The script is doing some monitoring operations. The default TTL of the DNS record is 5 minutes, but the monitoring script is running every minute. I am using PHP's function dns_get_record to get the A records, but I was wondering if there is a way I can neglect the TTL caching and get the records off the DNS server and not the cache.

Of course, is there any way to force this so that no network-level cache is applicable and every time I run the script, it actually hits the DNS server?

Thanks Sparsh Gupta

Sparsh Gupta

1 Answer


No. A regular client does not have the ability to demand of a caching DNS server that it flush its cache and requery the authoritative servers. This is by design -- I'll leave the amount of DDoS havoc you could otherwise get up to as an exercise for the reader.

If you absolutely positively MUST have the un-cached record, query your regular name server for the target domain's NS record, then query the authoritative server directly.

NOTE: This is generally regarded as rude behavior and should really not be used except as a last resort -- what, precisely, is so horribly critical that you absolutely need a perfect recheck every minute just in case a record changed without you noticing?

... For that matter, why are your TTLs at five minutes by default?

ETA: Most DNS servers out in the wild, especially forwarding ones, will flat out refuse to honour a TTL of anything less than 3600 seconds. If you're lucky, they'll default to a minimum of 1 hour; if you're not, they'll default to the commonly accepted default of 86400 seconds (24 hours)...

Shadur
  • ...also a TTL of less than 3600 seconds is unlikely to have the desired effect. – symcbean Aug 05 '11 at 11:40
  • Good point. Amending answer. – Shadur Aug 05 '11 at 11:41
  • Well... We have DNS round robin which divides traffic among multiple servers. We are yet to have IP failover configurations, which means that if one of the servers goes down, we will still keep sending traffic to it. To avoid it, I want to look up DNS records and match them against server statuses. I have a plan B where I will save some information at my end about states without actually querying the states, but that can have more issues with it. – Sparsh Gupta Aug 05 '11 at 11:59
  • ... I really recommend you start looking into various heartbeat solutions. SOON. DNS propagation isn't even CLOSE to fast enough to be a decent failover. – Shadur Aug 05 '11 at 14:10
  • @Sparsh Gupta: "if one of the servers goes down, we will still keep sending traffic to it" - no, the TCP handshake should time out then retry against a different address - you only lose the established connections and get a delay in the failover. – symcbean Aug 09 '11 at 11:45
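The two steps the answer describes, as an added example that is not from the thread or its posters, in Python with only the standard library (PHP's dns_get_record cannot be pointed at a specific server): ask your recursive resolver for the zone's NS names, then send the A query straight to that authority, so the TTL you read is the zone's configured value rather than a cache's remaining countdown. The resolver address is whatever you pass in; the reply parser is hand-written, handles name compression, bounds the pointer walk, and checks the transaction id before trusting a reply.

```python
import random, socket, struct
def build_query(name, qtype=1, qid=0x1234, rd=True):
    """Header (id, flags, 1 question) + question; set RD only when asking a recursive resolver."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split("."))
    header = struct.pack(">HHHHHH", qid, 0x0100 if rd else 0, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack(">HH", qtype, 1)

def read_name(msg, off, end=None):
    """Decode a possibly compressed name; return (name, offset just after it)."""
    labels = []
    for _ in range(128):  # bound the walk so a pointer loop in a hostile reply cannot hang us
        if not msg[off]:
            return ".".join(labels), end or off + 1
        if msg[off] & 0xC0 == 0xC0:  # compression pointer: jump, but remember where we were
            end, off = end or off + 2, struct.unpack(">H", msg[off:off + 2])[0] & 0x3FFF
        else:
            labels.append(msg[off + 1:off + 1 + msg[off]].decode())
            off += 1 + msg[off]
    raise ValueError("malformed name")

def parse_answers(msg):
    """Return [(owner, rtype, ttl, rdata)] for the answer section of a reply to our query."""
    an = struct.unpack(">H", msg[6:8])[0]
    off, out = read_name(msg, 12)[1] + 4, []  # skip the single echoed question (name + qtype + qclass)
    for _ in range(an):
        owner, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        raw = msg[off + 10:off + 10 + rdlen]
        # Decode A (type 1) as a dotted quad and NS (type 2) as a name; keep anything else raw.
        rdata = socket.inet_ntoa(raw) if rtype == 1 else read_name(msg, off + 10)[0] if rtype == 2 else raw
        out.append((owner, rtype, ttl, rdata))
        off += 10 + rdlen
    return out

def query(server, name, qtype=1, rd=True, timeout=2.0):
    """One UDP query to `server`; the id check discards stray or forged replies."""
    qid = random.randrange(65536)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype, qid, rd), (server, 53))
        data = s.recv(4096)
    if struct.unpack(">H", data[:2])[0] != qid:
        raise ValueError("reply id does not match query id")
    return parse_answers(data)

def uncached_a_records(name, resolver):
    """The answer's two steps: NS names via your recursive resolver, then A straight from the authority."""
    ns_hosts = [data for _, t, _, data in query(resolver, name, qtype=2) if t == 2]
    authority = socket.gethostbyname(ns_hosts[0])  # address of the first listed name server
    return [(data, ttl) for _, t, ttl, data in query(authority, name, rd=False) if t == 1]
```

Only query() touches the network; build_query() and parse_answers() are pure, so the wire format can be checked offline against a constructed reply before pointing the script at a live authority.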