Providers Ignoring DNS TTL?

cluge asks: "It seems that several large providers give their users DNS servers that simply ignore DNS time to live (TTL). Over the past decade I've seen this from time to time. Recently it seems to be a pandemic, affecting very large cable/broadband and dial up networks. Performing a few tests against our broadband cable provider has shown that only one of the three provided DNS servers picked up a change in seven days or less. After turning in a trouble ticket with that provider - two of the three provided DNS servers were responding correct - while the third was still providing bad information more than two weeks after that specific change. What DNS caches ignore TTL by default? Is there a valid technical reason to ignore TTL?"

"This struck me as odd, and I decided to run a few tests using my own domain. Lowering the TTL to twenty four hours, and making changes and then checking to see when a change was picked up. I queried twelve outside DNS servers/caches that I had access to (Thanks to my friends and relatives with dial ups and DSL who put up with me and my requests to reboot their machine daily!). Checks performed against these outside DNS servers indicate that it may take as much as four to five weeks before a DNS change is picked up! Most DNS servers picked up the change within 48 hours. A small number did not (three out of twelve - that's a quarter of them!)

This merits more study, and prompts a few questions. So, before I begin with a more serious broad study, I'd like to get some feedback on the problem as I've seen it. I know the tin foil hat crowd will see the failure to propagate DNS correctly as censorship, and the OS/bind/djb/whatever zealots will simply see this as an argument for their particular religion.

Based on the responses I get, I will then setup and test a couple of domains with different DNS servers for 6 weeks and report back the findings. [volunteers welcome!]"

TTL's

[dlhm]

Of course there is a reason, To save bandwidth, and to provide the 3rd world internet service we have come to expect here in the USA.

It's a strange pandemic...

[LegendOfLink]

called laziness.

You can use TTL to keep customers from leaving!

[Anonymous Coward]

I remember once I had the TTL set on a bunch of domains to over a year. I found out its a great way to retain customers, because their domains will not work anywhere else.

Re:I Noticed Too

[RLW]

Don't speculate. Assert. You know it's true. Couple that with ignorance and you've got the typical large ISP admin.

Re:Faulty system

[AndroidCat]

Quick! Someone tell that to NetSol before they route all .com/.net typos to their server again.

The reason is quite simple

[Anonymous Coward]

"Titty" is an adult word and therefore TTL is censored by many ISPs.

Re:It's a strange pandemic...

[justforaday]

I would counter your argument, but it's too much effort...

save money - set your ttl to 2147483647

[Anonymous Coward]

this greatly reduces network traffic, as your records will be cached for over 68 years. if caching worked as described in the rfcs, you could probably even forget about keeping your domain registered after a few years, most folks would still come to you even if someone else bought your domain. of course ipv6 is coming any day now and that will probably ruin my evil plan.

Re:Dumb question

[Anonymous Coward]

uhm, yeah.

dig has been deprecated for QUITE some time.

please use nslookup.

Re:Faulty system

[jdreed1024]

DNS isn't about "the web". It's much bigger than that.

That's right, it's how Bill Gates tracks your e-mails to give you that Walt Disney World vacation when you send it to enough of your friends.

Re:Faulty system

[Anonymous Coward]

DNS is not the web. This was moderated interesting?

Re:Why would you reboot?

[SuiteSisterMary]

"Ok, grandma, open the start menu, now select run. Ok, now type c-m-d. No, grandma, m. MMMMM. M as in Mike. Ok. No, grandma, D. DEEEEE. Not g. D. Ok, now did a big black box open up? No? Oh, you're on Windows 95/98, you'll need to reboot."

Re:Dumb question

[Anonymous Coward]

This is a good indication that your gentoo has been hacked. You need to wipe and reinstall immediately.

Re:Dumb question

[Anonymous Coward]

Root login is deprecated and may be removed in a future release.

Re:Bypass their DNS

[2old2rockNroll]

You're not banking in the clear on http: are you? On an unpatched Win box? With IE?

Of course not. That's what telnet's for.

Re:Bypass their DNS

[Anonymous Coward]

"Instead of relying on who-knows-what from the ISPs I use my own DNS server that I set up and am responsible for."

Typical bravado of a /. linux user. I don't know why more home users don't take the same approach. My grandma, running gentoo also does this very thing.

AOL: wayback machine for DNS

[CustomDesigned]

Several months ago, we made the mistake of testing a new webmail server using AOL, but forgetting to actually add the DNS record first :-). The negative result is *still* cached at AOL. Bummer for users trying to use the webmail.

On the plus side, I've used AOL to find out what the IP of names *used* to be while researching problems. Kind of handy that way.