What percentage of nameservers honor TTL these days?

domain-name-system nameserver ttl

Some years ago I had to do several DNS changes over the course of several weeks as I moved bits of equipment from one data center to the other. At the time that I did this, about 95% of the nameservers in the world seemed to respect the TTL value, and about 5% ignored ours and made up their own. In other words, 95% of the traffic moved within the 15-minute TTL that we defined. Another 3% made it in the first hour, 1% in the first day, and a few stragglers took up to three days.

(Yes, OK, I'm confusing percentage of traffic with percentage of nameservers. Please insert handwaving.)

This was in about 2001, though, and we were using dinosaurs to transmit packets through the tubes. My guess is that today's nameservers are better-behaved, and there will be less of a problem with stragglers. Does anyone have a feel for what percentage of traffic will switch within the defined TTL these days? Are there still many nameservers out there that ignore TTL?


Solution 1:

We moved recently and had all sorts of problems with DNS.

When we did the swing over most customers started hitting the new IPs right away. But some were still hitting the old IPs for weeks. We left a server up for a month or so. Eventually we went through the IIS logs on the old machine and called the customers telling them to flush DNS on there company or ISP DNS servers. That got the last of them moved over.

It was a small number of people that kept with the old IPs. Out of 20k customers, maybe 50 had issues after the first day.

Solution 2:

(Very) long TTL values of weeks are in May 2011 honoured by most DNS resolving nameservers up to 2 weeks.

In a test using just-dnslookup.com, having 50 global distributed active measuring point, with an A record TTL set to 99.999.999 = 165 weeks (precise: 165 weeks 2 days 9 hours 46 minutes 39 seconds), and a default TTL of 2 weeks (= SOA + NS TTL).

First lookup returns:

  • a TTL of 1 week, for 3 out of 50 measuring points
  • a TTL of 165 weeks, for 47 out of 50 measuring points

Consecutive lookups return (converted in to original TTL value):

  • a TTL of 1 week, for 3 out of 50 measuring points
  • a TTL of 2 weeks, for 46 out of 50 measuring points
  • a TTL of 165 weeks, for 1 out of 50 measuring points

A second test (using a different domain) where default TTL is set to 4 weeks (= SOA + NS TTL) results are below.

First lookup returns:

  • a TTL of 1 week, for 3 out of 50 measuring points
  • a TTL of 2 weeks, for 1 out of 50 measuring points
  • a TTL of 165 weeks, for 46 out of 50 measuring points

Consecutive lookups return (converted to full TTL length):

  • a TTL of 1 week, for 3 out of 50 measuring points
  • a TTL of 2 weeks, for 47 out of 50 measuring points
  • a TTL of 165 weeks, for 0 out of 50 measuring points

From the most well known/best connected public resolver services:

  • Google public DNS [8.8.8.8 and 8.8.4.4] reduce to 1 day.
  • UltraDNS [rdns(1|2).ultradns.net] honour full 165 weeks.
  • Sprintlink [ns(1|2|3).sprintlink.net] honour full 165 weeks.

Related

Changing the maximum mail size in Postfix
Will tcpdump see packets that are being dropped by iptables?
Is there a specific name for the ".\" (dot-slash) shorthand used to log onto a Windows machine?
SSL routines:SSL23_WRITE:ssl handshake failure
LVM logical volume partition corrupted after lvreduce
Network monitoring [duplicate]
Limit/Throttle per user OpenVPN bandwidth using TC
How do I expand the root's volume size?
GUI tools to administer Linux Box
How do I grant permissions to remotely start/stop a service using Powershell?
Configuring NTFS file system for performance
How to NOT get so many apache CLOSE_WAIT connections?