[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[public-dns-discuss] Re: Google DNS Nameservers returning no answer for tillerhq.com lookups

It is possible that Hover changed the IP addresses of their name servers as a result or as part of this outage.  Google Public DNS caches name server names and addresses from referral responses it receives from the TLDs, such as these:

$ dig +noall +authority +additional +nocl +ttl tillerhq.com. @a.gtld-servers.net.
tillerhq.com. 172800 NS ns3.hover.com.
tillerhq.com. 172800 NS ns4.hover.com.
tillerhq.com. 172800 NS ns1.hover.com.
tillerhq.com. 172800 NS ns2.hover.com.
ns3.hover.com. 172800 A
ns4.hover.com. 172800 A
ns1.hover.com. 172800 A
ns2.hover.com. 172800 A

and practically never evicts cached entries before the TTL expires, since caching is what Google Public DNS does.

If you notice, 172800 = 2 day long TTLs, and once any authoritative server hands out something with a TTL, you can't take it back. Note particularly that the .COM TLD name servers like a.gtld-servers.net are authoritative for .COM so those (strictly speaking, unnecessary) glue A records for ns[1234].hover.com are "in bailiwick" (to use the obscure DNS terminology) which simply means that it has a higher level of confidence and that querying the authoritative servers for hover.com to get those addresses is unnecessary.

Especially for a DNS hosting service used by many domains, it is essential to honor the TTL (even if it is a TTL from your customer's TLD that you have absolutely no control over). You can switch to new names or addresses but you can't turn off old ones until the TTL has expired.

You received this message because you are subscribed to the Google
Groups "public-dns-discuss" group.
To post to this group, send email to public-dns-discuss AT googlegroups.com
To unsubscribe from this group, send email to
public-dns-discuss+unsubscribe AT googlegroups.com
For more options, visit this group at
For more information on Google Public DNS, please visit
You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-discuss+unsubscribe AT googlegroups.com.
For more options, visit https://groups.google.com/d/optout.