How can I see Time-To-Live (TTL) for a DNS record?TTL in ping vs digWhy does TTL sometimes re-increment between DNS queries?Recommended DNS SOA record TTL default?dns record resolution - weirdnessWhat are the benefits of a high TTL for DNS?Windows Server 2008 R2 DNS - Syncronizing changes to TTLSetting DNS TTL for an external addressBest CNAME TTL strategy for fallover switchingdns lookup at different dns serversNSCD TTL and DNS TTL, which one is stronger?possible to see remaining DNS negative cache for domain?Windows DNS NS record TTL
Should my manager be aware of private LinkedIn approaches I receive? How to politely have this happen?
How can I get more energy without spending coins?
Is there a maximum distance from a planet that a moon can orbit?
Why is C++ initial allocation so much larger than C's?
Is adding a new player (or players) a DM decision, or a group decision?
Distance Matrix (plugin) - QGIS
Why doesn't a marching band have strings?
What reason would an alien civilization have for building a Dyson Sphere (or Swarm) if cheap Nuclear fusion is available?
Abel-Jacobi map on symmetric product of genus 4 curve
Can ADFS connect to other SSO services?
Could Sauron have read Tom Bombadil's mind if Tom had held the Palantir?
90s (or earlier) cross-world fantasy book with a circular river and character-class tattoos
Why is Madam Hooch not a professor?
Short and long term plans in a closed game in the Sicilian Defense
How can I convince my reader that I will not use a certain trope?
Does ultrasonic bath cleaning damage laboratory volumetric glassware calibration?
Character discovers anti gravity emitters, flies a shipping container into space and docks with space station
Intuitively, why does putting capacitors in series decrease the equivalent capacitance?
Change the boot order with no option in UEFI settings
Should I hide continue button until tasks are completed?
Require advice on power conservation for backpacking trip
When is the original BFGS algorithm still better than the Limited-Memory version?
How to split an equation over two lines?
Inverse-quotes-quine
How can I see Time-To-Live (TTL) for a DNS record?
TTL in ping vs digWhy does TTL sometimes re-increment between DNS queries?Recommended DNS SOA record TTL default?dns record resolution - weirdnessWhat are the benefits of a high TTL for DNS?Windows Server 2008 R2 DNS - Syncronizing changes to TTLSetting DNS TTL for an external addressBest CNAME TTL strategy for fallover switchingdns lookup at different dns serversNSCD TTL and DNS TTL, which one is stronger?possible to see remaining DNS negative cache for domain?Windows DNS NS record TTL
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I would like to see the Time-To-Live (TTL) value for a CNAME record.
I have access to dig (on Apple Mac OS X), which gives me an answer like this:
% dig host.example.gov
<*SNIP*>
;; ANSWER SECTION:
host.example.gov. 43200 IN CNAME host1.example.gov.
host1.example.gov. 43200 IN A 192.168.16.10
Is the value '43200' the TTL for this DNS record?
domain-name-system dig ttl
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
add a comment |
I would like to see the Time-To-Live (TTL) value for a CNAME record.
I have access to dig (on Apple Mac OS X), which gives me an answer like this:
% dig host.example.gov
<*SNIP*>
;; ANSWER SECTION:
host.example.gov. 43200 IN CNAME host1.example.gov.
host1.example.gov. 43200 IN A 192.168.16.10
Is the value '43200' the TTL for this DNS record?
domain-name-system dig ttl
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
add a comment |
I would like to see the Time-To-Live (TTL) value for a CNAME record.
I have access to dig (on Apple Mac OS X), which gives me an answer like this:
% dig host.example.gov
<*SNIP*>
;; ANSWER SECTION:
host.example.gov. 43200 IN CNAME host1.example.gov.
host1.example.gov. 43200 IN A 192.168.16.10
Is the value '43200' the TTL for this DNS record?
domain-name-system dig ttl
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
I would like to see the Time-To-Live (TTL) value for a CNAME record.
I have access to dig (on Apple Mac OS X), which gives me an answer like this:
% dig host.example.gov
<*SNIP*>
;; ANSWER SECTION:
host.example.gov. 43200 IN CNAME host1.example.gov.
host1.example.gov. 43200 IN A 192.168.16.10
Is the value '43200' the TTL for this DNS record?
domain-name-system dig ttl
domain-name-system dig ttl
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
edited Jan 6 '15 at 16:32
Stefan Lasiewski
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
asked Sep 9 '10 at 18:21
Stefan LasiewskiStefan Lasiewski
15.5k31 gold badges110 silver badges171 bronze badges
15.5k31 gold badges110 silver badges171 bronze badges
add a comment |
add a comment |
4 Answers
4
active
oldest
votes
Yes, the number there is the number of seconds left until that record expires (providing we're not querying the authoritative nameserver). Obviously with a CNAME there's a level of redirection, so the TTL for the A record it points to in this case may be important as well.
If you wait a couple of seconds and run dig again on your local nameserver, you should see that TTL number decrease by the number of seconds you waited (approximately). When it hits 0, it'll refresh or if your nameserver refreshes the zone for some reason.
As mentioned above, there is a difference between dig being run against a nameserver with a cached entry and the nameserver that is authoritative for that entry.
(in the examples I use below I use the +noauthority +noquestion & +nostats flags just to keep the output terse).
Note the difference between the following queries:
$ dig +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50066
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; ANSWER SECTION:
stackoverflow.com. 432000 IN A 69.59.196.211
So in the above query, we're querying a nameserver that is authoritative for stackoverflow.com. If you notice the flags section, pay special attention to the aa flag which denotes this is an authoritative answer (i.e. not cached).
$ dig +noauthority +noquestion +noadditional +nostats stackoverflow.com
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +noadditional +nostats stackoverflow.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
stackoverflow.com. 246696 IN A 69.59.196.211
In the above query, we don't have an aa flag, and the TTL will keep decreasing as we query and query. This is essentially the counter I was talking about previously.
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
add a comment |
If you happen to be stuck on a windows box and only have access to nslookup:
nslookup -qa=A -debug host.example.com authoritiative-dns-host-here.com
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
add a comment |
Is the value '43200' the TTL for this DNS record?
Yes - as reported to you by the server that answered your query (if you're asking a caching server it will return the remaining time in its cache).
To see the TTL set on the actual record query the authoritative nameserver (dig @some.dns.server host.example.gov - The authoritative DNS servers will be listed in the Authority section of the dig output)
Quick check to see if you're asking the authoritative NS: If you run dig again and the TTL changes you're probably hitting a cache. If it stays the same you're probably asking the authoritative server (or one that has broken caching).
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
1
if ttl doesn't change it could just be one that believes itself to be authoritative: the domain owner may have changed DNS server without shuttiong the old one down.... had that problem last month.
– Jasen
Jul 12 '15 at 23:29
2
@Jasen Yes, that's definitely possible (It indicates something important as well: The DNS admin will be buying drinks at the next company outing for screwing up the migration!)
– voretaq7
Jul 13 '15 at 15:26
add a comment |
I couldn't see the authoritative servers in the default dig output, but the following
dig +nssearch host.example.com
returned them, which could then be used as described by voretaq7 to get the actual TTL value for the record.
Update: kept forgetting how to do this and having to come back, so wrote a little script to first fetch the authoritative nameserver then dig using it
#!/bin/bash
show_help()
echo Usage $0 domain
if [ -z "$1" ]; then
show_help
exit 1
fi
DOMAIN=$1
APEX_DOMAIN=`echo $DOMAIN | sed 's/(.*.)([^.]*.[^.]*)/2/'`
FIRST_AUTHORITATIVE_NS=$(dig +nssearch $APEX_DOMAIN | awk '$1=="SOA"sub(".$","",$2);print $2;exit;')
echo
echo Using authoritative nameserver $FIRST_AUTHORITATIVE_NS
dig @$FIRST_AUTHORITATIVE_NS $@
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f179630%2fhow-can-i-see-time-to-live-ttl-for-a-dns-record%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Yes, the number there is the number of seconds left until that record expires (providing we're not querying the authoritative nameserver). Obviously with a CNAME there's a level of redirection, so the TTL for the A record it points to in this case may be important as well.
If you wait a couple of seconds and run dig again on your local nameserver, you should see that TTL number decrease by the number of seconds you waited (approximately). When it hits 0, it'll refresh or if your nameserver refreshes the zone for some reason.
As mentioned above, there is a difference between dig being run against a nameserver with a cached entry and the nameserver that is authoritative for that entry.
(in the examples I use below I use the +noauthority +noquestion & +nostats flags just to keep the output terse).
Note the difference between the following queries:
$ dig +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50066
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; ANSWER SECTION:
stackoverflow.com. 432000 IN A 69.59.196.211
So in the above query, we're querying a nameserver that is authoritative for stackoverflow.com. If you notice the flags section, pay special attention to the aa flag which denotes this is an authoritative answer (i.e. not cached).
$ dig +noauthority +noquestion +noadditional +nostats stackoverflow.com
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +noadditional +nostats stackoverflow.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
stackoverflow.com. 246696 IN A 69.59.196.211
In the above query, we don't have an aa flag, and the TTL will keep decreasing as we query and query. This is essentially the counter I was talking about previously.
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
add a comment |
Yes, the number there is the number of seconds left until that record expires (providing we're not querying the authoritative nameserver). Obviously with a CNAME there's a level of redirection, so the TTL for the A record it points to in this case may be important as well.
If you wait a couple of seconds and run dig again on your local nameserver, you should see that TTL number decrease by the number of seconds you waited (approximately). When it hits 0, it'll refresh or if your nameserver refreshes the zone for some reason.
As mentioned above, there is a difference between dig being run against a nameserver with a cached entry and the nameserver that is authoritative for that entry.
(in the examples I use below I use the +noauthority +noquestion & +nostats flags just to keep the output terse).
Note the difference between the following queries:
$ dig +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50066
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; ANSWER SECTION:
stackoverflow.com. 432000 IN A 69.59.196.211
So in the above query, we're querying a nameserver that is authoritative for stackoverflow.com. If you notice the flags section, pay special attention to the aa flag which denotes this is an authoritative answer (i.e. not cached).
$ dig +noauthority +noquestion +noadditional +nostats stackoverflow.com
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +noadditional +nostats stackoverflow.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
stackoverflow.com. 246696 IN A 69.59.196.211
In the above query, we don't have an aa flag, and the TTL will keep decreasing as we query and query. This is essentially the counter I was talking about previously.
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
add a comment |
Yes, the number there is the number of seconds left until that record expires (providing we're not querying the authoritative nameserver). Obviously with a CNAME there's a level of redirection, so the TTL for the A record it points to in this case may be important as well.
If you wait a couple of seconds and run dig again on your local nameserver, you should see that TTL number decrease by the number of seconds you waited (approximately). When it hits 0, it'll refresh or if your nameserver refreshes the zone for some reason.
As mentioned above, there is a difference between dig being run against a nameserver with a cached entry and the nameserver that is authoritative for that entry.
(in the examples I use below I use the +noauthority +noquestion & +nostats flags just to keep the output terse).
Note the difference between the following queries:
$ dig +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50066
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; ANSWER SECTION:
stackoverflow.com. 432000 IN A 69.59.196.211
So in the above query, we're querying a nameserver that is authoritative for stackoverflow.com. If you notice the flags section, pay special attention to the aa flag which denotes this is an authoritative answer (i.e. not cached).
$ dig +noauthority +noquestion +noadditional +nostats stackoverflow.com
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +noadditional +nostats stackoverflow.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
stackoverflow.com. 246696 IN A 69.59.196.211
In the above query, we don't have an aa flag, and the TTL will keep decreasing as we query and query. This is essentially the counter I was talking about previously.
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
Yes, the number there is the number of seconds left until that record expires (providing we're not querying the authoritative nameserver). Obviously with a CNAME there's a level of redirection, so the TTL for the A record it points to in this case may be important as well.
If you wait a couple of seconds and run dig again on your local nameserver, you should see that TTL number decrease by the number of seconds you waited (approximately). When it hits 0, it'll refresh or if your nameserver refreshes the zone for some reason.
As mentioned above, there is a difference between dig being run against a nameserver with a cached entry and the nameserver that is authoritative for that entry.
(in the examples I use below I use the +noauthority +noquestion & +nostats flags just to keep the output terse).
Note the difference between the following queries:
$ dig +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +nostats stackoverflow.com @ns2.p19.dynect.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50066
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; ANSWER SECTION:
stackoverflow.com. 432000 IN A 69.59.196.211
So in the above query, we're querying a nameserver that is authoritative for stackoverflow.com. If you notice the flags section, pay special attention to the aa flag which denotes this is an authoritative answer (i.e. not cached).
$ dig +noauthority +noquestion +noadditional +nostats stackoverflow.com
; <<>> DiG 9.7.0-P1 <<>> +noauthority +noquestion +noadditional +nostats stackoverflow.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
stackoverflow.com. 246696 IN A 69.59.196.211
In the above query, we don't have an aa flag, and the TTL will keep decreasing as we query and query. This is essentially the counter I was talking about previously.
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
edited Sep 9 '10 at 19:29
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
answered Sep 9 '10 at 18:28
Philip ReynoldsPhilip Reynolds
8,7781 gold badge26 silver badges30 bronze badges
8,7781 gold badge26 silver badges30 bronze badges
add a comment |
add a comment |
If you happen to be stuck on a windows box and only have access to nslookup:
nslookup -qa=A -debug host.example.com authoritiative-dns-host-here.com
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
add a comment |
If you happen to be stuck on a windows box and only have access to nslookup:
nslookup -qa=A -debug host.example.com authoritiative-dns-host-here.com
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
add a comment |
If you happen to be stuck on a windows box and only have access to nslookup:
nslookup -qa=A -debug host.example.com authoritiative-dns-host-here.com
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
If you happen to be stuck on a windows box and only have access to nslookup:
nslookup -qa=A -debug host.example.com authoritiative-dns-host-here.com
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
answered Jan 23 '13 at 22:41
M SlemanM Sleman
7216 silver badges5 bronze badges
7216 silver badges5 bronze badges
add a comment |
add a comment |
Is the value '43200' the TTL for this DNS record?
Yes - as reported to you by the server that answered your query (if you're asking a caching server it will return the remaining time in its cache).
To see the TTL set on the actual record query the authoritative nameserver (dig @some.dns.server host.example.gov - The authoritative DNS servers will be listed in the Authority section of the dig output)
Quick check to see if you're asking the authoritative NS: If you run dig again and the TTL changes you're probably hitting a cache. If it stays the same you're probably asking the authoritative server (or one that has broken caching).
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
1
if ttl doesn't change it could just be one that believes itself to be authoritative: the domain owner may have changed DNS server without shuttiong the old one down.... had that problem last month.
– Jasen
Jul 12 '15 at 23:29
2
@Jasen Yes, that's definitely possible (It indicates something important as well: The DNS admin will be buying drinks at the next company outing for screwing up the migration!)
– voretaq7
Jul 13 '15 at 15:26
add a comment |
Is the value '43200' the TTL for this DNS record?
Yes - as reported to you by the server that answered your query (if you're asking a caching server it will return the remaining time in its cache).
To see the TTL set on the actual record query the authoritative nameserver (dig @some.dns.server host.example.gov - The authoritative DNS servers will be listed in the Authority section of the dig output)
Quick check to see if you're asking the authoritative NS: If you run dig again and the TTL changes you're probably hitting a cache. If it stays the same you're probably asking the authoritative server (or one that has broken caching).
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
1
if ttl doesn't change it could just be one that believes itself to be authoritative: the domain owner may have changed DNS server without shuttiong the old one down.... had that problem last month.
– Jasen
Jul 12 '15 at 23:29
2
@Jasen Yes, that's definitely possible (It indicates something important as well: The DNS admin will be buying drinks at the next company outing for screwing up the migration!)
– voretaq7
Jul 13 '15 at 15:26
add a comment |
Is the value '43200' the TTL for this DNS record?
Yes - as reported to you by the server that answered your query (if you're asking a caching server it will return the remaining time in its cache).
To see the TTL set on the actual record query the authoritative nameserver (dig @some.dns.server host.example.gov - The authoritative DNS servers will be listed in the Authority section of the dig output)
Quick check to see if you're asking the authoritative NS: If you run dig again and the TTL changes you're probably hitting a cache. If it stays the same you're probably asking the authoritative server (or one that has broken caching).
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
Is the value '43200' the TTL for this DNS record?
Yes - as reported to you by the server that answered your query (if you're asking a caching server it will return the remaining time in its cache).
To see the TTL set on the actual record query the authoritative nameserver (dig @some.dns.server host.example.gov - The authoritative DNS servers will be listed in the Authority section of the dig output)
Quick check to see if you're asking the authoritative NS: If you run dig again and the TTL changes you're probably hitting a cache. If it stays the same you're probably asking the authoritative server (or one that has broken caching).
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
answered Sep 9 '10 at 18:32
voretaq7voretaq7
74.9k14 gold badges118 silver badges201 bronze badges
74.9k14 gold badges118 silver badges201 bronze badges
1
if ttl doesn't change it could just be one that believes itself to be authoritative: the domain owner may have changed DNS server without shuttiong the old one down.... had that problem last month.
– Jasen
Jul 12 '15 at 23:29
2
@Jasen Yes, that's definitely possible (It indicates something important as well: The DNS admin will be buying drinks at the next company outing for screwing up the migration!)
– voretaq7
Jul 13 '15 at 15:26
add a comment |
1
if ttl doesn't change it could just be one that believes itself to be authoritative: the domain owner may have changed DNS server without shuttiong the old one down.... had that problem last month.
– Jasen
Jul 12 '15 at 23:29
2
@Jasen Yes, that's definitely possible (It indicates something important as well: The DNS admin will be buying drinks at the next company outing for screwing up the migration!)
– voretaq7
Jul 13 '15 at 15:26
1
1
if ttl doesn't change it could just be one that believes itself to be authoritative: the domain owner may have changed DNS server without shuttiong the old one down.... had that problem last month.
– Jasen
Jul 12 '15 at 23:29
if ttl doesn't change it could just be one that believes itself to be authoritative: the domain owner may have changed DNS server without shuttiong the old one down.... had that problem last month.
– Jasen
Jul 12 '15 at 23:29
2
2
@Jasen Yes, that's definitely possible (It indicates something important as well: The DNS admin will be buying drinks at the next company outing for screwing up the migration!)
– voretaq7
Jul 13 '15 at 15:26
@Jasen Yes, that's definitely possible (It indicates something important as well: The DNS admin will be buying drinks at the next company outing for screwing up the migration!)
– voretaq7
Jul 13 '15 at 15:26
add a comment |
I couldn't see the authoritative servers in the default dig output, but the following
dig +nssearch host.example.com
returned them, which could then be used as described by voretaq7 to get the actual TTL value for the record.
Update: kept forgetting how to do this and having to come back, so wrote a little script to first fetch the authoritative nameserver then dig using it
#!/bin/bash
show_help()
echo Usage $0 domain
if [ -z "$1" ]; then
show_help
exit 1
fi
DOMAIN=$1
APEX_DOMAIN=`echo $DOMAIN | sed 's/(.*.)([^.]*.[^.]*)/2/'`
FIRST_AUTHORITATIVE_NS=$(dig +nssearch $APEX_DOMAIN | awk '$1=="SOA"sub(".$","",$2);print $2;exit;')
echo
echo Using authoritative nameserver $FIRST_AUTHORITATIVE_NS
dig @$FIRST_AUTHORITATIVE_NS $@
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
add a comment |
I couldn't see the authoritative servers in the default dig output, but the following
dig +nssearch host.example.com
returned them, which could then be used as described by voretaq7 to get the actual TTL value for the record.
Update: kept forgetting how to do this and having to come back, so wrote a little script to first fetch the authoritative nameserver then dig using it
#!/bin/bash
show_help()
echo Usage $0 domain
if [ -z "$1" ]; then
show_help
exit 1
fi
DOMAIN=$1
APEX_DOMAIN=`echo $DOMAIN | sed 's/(.*.)([^.]*.[^.]*)/2/'`
FIRST_AUTHORITATIVE_NS=$(dig +nssearch $APEX_DOMAIN | awk '$1=="SOA"sub(".$","",$2);print $2;exit;')
echo
echo Using authoritative nameserver $FIRST_AUTHORITATIVE_NS
dig @$FIRST_AUTHORITATIVE_NS $@
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
add a comment |
I couldn't see the authoritative servers in the default dig output, but the following
dig +nssearch host.example.com
returned them, which could then be used as described by voretaq7 to get the actual TTL value for the record.
Update: kept forgetting how to do this and having to come back, so wrote a little script to first fetch the authoritative nameserver then dig using it
#!/bin/bash
show_help()
echo Usage $0 domain
if [ -z "$1" ]; then
show_help
exit 1
fi
DOMAIN=$1
APEX_DOMAIN=`echo $DOMAIN | sed 's/(.*.)([^.]*.[^.]*)/2/'`
FIRST_AUTHORITATIVE_NS=$(dig +nssearch $APEX_DOMAIN | awk '$1=="SOA"sub(".$","",$2);print $2;exit;')
echo
echo Using authoritative nameserver $FIRST_AUTHORITATIVE_NS
dig @$FIRST_AUTHORITATIVE_NS $@
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
I couldn't see the authoritative servers in the default dig output, but the following
dig +nssearch host.example.com
returned them, which could then be used as described by voretaq7 to get the actual TTL value for the record.
Update: kept forgetting how to do this and having to come back, so wrote a little script to first fetch the authoritative nameserver then dig using it
#!/bin/bash
show_help()
echo Usage $0 domain
if [ -z "$1" ]; then
show_help
exit 1
fi
DOMAIN=$1
APEX_DOMAIN=`echo $DOMAIN | sed 's/(.*.)([^.]*.[^.]*)/2/'`
FIRST_AUTHORITATIVE_NS=$(dig +nssearch $APEX_DOMAIN | awk '$1=="SOA"sub(".$","",$2);print $2;exit;')
echo
echo Using authoritative nameserver $FIRST_AUTHORITATIVE_NS
dig @$FIRST_AUTHORITATIVE_NS $@
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
edited Jun 7 at 19:40
Bruno Bronosky
3,8062 gold badges17 silver badges28 bronze badges
3,8062 gold badges17 silver badges28 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
answered Oct 19 '12 at 14:04
AdamAdam
2362 silver badges4 bronze badges
2362 silver badges4 bronze badges
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f179630%2fhow-can-i-see-time-to-live-ttl-for-a-dns-record%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
