0

I have a forward lookup zone with a lot of A records. If I change the TTL for the zone, it does not apply to records (they keep the previous TTL setting). I have to manually change the TTL for every record.

Is it the expected behaviour? How can I change every record's TTL?

Thanks!

Patator

2 Answers

1

It should update them if they are static entries after you restart DNS or reload the zone IF the entries don't have manual TTLs applied to them.

See here for a Technet thread that discusses the functionality and explains why the SOA TTL changes may or may not take effect for existing A records: http://social.technet.microsoft.com/Forums/en-US/031d48f5-46ae-4e6d-ae85-ae715e7c1206/ttl-of-dns-records-not-updated-when-soa-minimum-ttl-is-changed?forum=winserverNIS

However, if they are dynamic updates via either DHCP or DNS then the TTL defaults to 20 minutes.

Whenever a dynamic update client registers in DNS, the associated A and PTR resource records include the TTL, which by default is set to 20 minutes. You can change the default setting by modifying the DefaultRegistrationTTL entry in the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

The entry has a DWORD value and lists the TTL in seconds. A small value causes cached entries to expire sooner, which increases DNS traffic but decreases the risk of entries becoming stale. Expiring entries quickly is useful for computers that frequently renew their DHCP leases. A large value causes cached entries to be retained longer, decreasing DNS traffic but increasing the risk of entries becoming stale. Long retention times are useful for computers that renew their DHCP leases infrequently.

But I wouldn't recommend changing the defaults for the dynamic updates.

TheCleaner
  • In the link you provided, a guy says that the TTL defined at SOA level is applied to new records, not the old ones. I did not set an explicit TTL for my records, but they don't update, they keep the old TTL: so this guy explained my issue. I'll have to manually update every record... let's read the dnscmd man page! Thanks. – Patator Mar 31 '14 at 14:42
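
One way to script the per-record change discussed above, as an added example that is not part of the original thread. It assumes the DnsServer PowerShell module (Windows Server 2012 or later) is available on the DNS server; the zone name `example.com` and the one-hour TTL are placeholders, and treating records without a timestamp as static is this example's own filter, which leaves dynamically registered records alone.

```powershell
# Added example: rewrite the TTL of every static A record in one zone.
# ZoneName and NewTtl defaults are placeholders (assumptions), not values from the thread.
param(
    [string]$ZoneName = 'example.com',
    [TimeSpan]$NewTtl = [TimeSpan]::FromHours(1),
    [switch]$Apply   # without -Apply the script only reports what it would change
)

Import-Module DnsServer

# Static records carry no timestamp; dynamically registered ones do.
# Records that already have the target TTL are skipped.
$records = Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType A |
    Where-Object { -not $_.Timestamp -and $_.TimeToLive -ne $NewTtl }

foreach ($old in $records) {
    # Set-DnsServerResourceRecord needs the original object and a modified copy.
    $new = $old.Clone()
    $new.TimeToLive = $NewTtl

    Set-DnsServerResourceRecord -ZoneName $ZoneName `
        -OldInputObject $old -NewInputObject $new `
        -WhatIf:(-not $Apply)
}

Write-Output ("{0} static A record(s) in {1} matched" -f @($records).Count, $ZoneName)
```

Run it once without `-Apply` to review the list of records it would touch, then again with `-Apply` to commit the change.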
0

While this may (or may not) apply to the Windows world, you normally use the alias $TTL at the start of the zone file to specify the default expiration time of all resource records without their own TTL value.

For example:

$TTL 1h
example.com.  IN  SOA  ns.example.com. username.example.com. (
          2007120710 ; serial number of this zone file
          1d         ; slave refresh (1 day)
          2h         ; slave retry time in case of a problem (2 hours)
          4w         ; slave expiration time (4 weeks)
          1h         ; maximum caching time in case of failed lookups (1 hour)
          )
example.com.         NS    ns             ; ttl = 1h
mail          3w     A     192.0.0.1      ; ttl = 3w
pehrs
  • 1
    Yes, that's the "normal" behaviour. I thought that it would apply to Windows's DNS server, but it seems I was wrong. – Patator Mar 31 '14 at 14:44