<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">The second one, the NXDOMAIN. I get
that they are publishing a 3600 TTL (which is wrong, because they
publish the master .ca zone file very 30 minutes, so it should be
1800 (which I will mention to them). But what is strange is that
other recursors, such as 1.1.1.1 and 8.8.8.8 picked up the changes
from the registry as soon as the new .ca master zone file was
published (usually about 20 minutes after the serial number time).</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">2011161530 example so that was the 1530
UTC update. That is normally able to be caught anywhere and
everywhere by 1550. So now to the next master, at 2011161600. So
one server was seeing (at 1620) the 1600 update properly at about
20 minutes after the publish, but another server, the recursor in
question, was still seeing the old 1530 master .ca zone file from
CIRA. Your answer re: TTL makes sense. I had always thought that
their TTL was 1800 as in my mind I had seen that many times. It is
possible someone has made an error in modifying their SOA at
CIRA. I'm going to check with them.<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Thanks for the reply.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Eric</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 2020-11-16 11:17 a.m., Brian Candler
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:cd77b25d-d074-fade-4f89-bf48d04d3b7b@pobox.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div class="moz-cite-prefix">On 16/11/2020 15:35, Eric Beck via
Pdns-users wrote:<br>
</div>
<blockquote type="cite"
cite="mid:d5c6f391-8c2f-4601-db48-ff297e4f4f4d@cadns.ca">
<pre class="moz-quote-pre" wrap="">The recursor was still one .ca master zone file behind</pre>
</blockquote>
<p>I'm not sure what you mean by "one .ca master zone file
behind". The recursor doesn't copy the zone file; it reads (and
caches) individual records.<br>
</p>
<blockquote type="cite"
cite="mid:d5c6f391-8c2f-4601-db48-ff297e4f4f4d@cadns.ca">
<pre class="moz-quote-pre" wrap="">, even after
plenty of time had elapsed.</pre>
</blockquote>
<p>Can you show the actual output for "dig" against the recursor
for the record in question? The dig output should have shown a
TTL, and that TTL should have been decrementing towards zero,
after which it would have been refreshed from one of the
authoritative servers for the domain.</p>
<p>Or were you getting NXDOMAIN for the query (for a newly-created
domain?) Negative answers are also cached. The .ca SOA record
says they can be cached for one hour:</p>
<p>;; ANSWER SECTION:<br>
ca. 3585 IN SOA prdpublish04.cira.ca.
admin-dns.cira.ca. 2011161530 1800 900 3456000 <b>3600</b><br>
</p>
<p><br>
</p>
<p> </p>
<blockquote type="cite"
cite="mid:d5c6f391-8c2f-4601-db48-ff297e4f4f4d@cadns.ca">
<pre class="moz-quote-pre" wrap="">Any idea why this would happen? Is there some setting that would result
in this sort of behaviour?</pre>
</blockquote>
<p>Most likely TTL, unless you can show evidence to the contrary.
You can use <a moz-do-not-send="true"
href="https://doc.powerdns.com/recursor/manpages/rec_control.1.html">rec_control
dump-cache</a> to dump the entire cache contents to disk.<br>
</p>
<p>Note: the PDNS recursor has multiple levels of cache, including
a "packet cache" which is a shortcut when exactly the same query
packet is seen again.</p>
<p>This can lead to some odd situations, where client A sees one
answer repeatedly with a 'dig', but client B sees a different
answer. This can happen if client A and client B asked with
different flags, so get mapped to different entries from the
packet cache, and the authoritative answer changed between
client A making the request and client B making the request.</p>
<p>But even those will resolve themselves when the record expires.</p>
<p>Regards,</p>
<p>Brian.<br>
</p>
</blockquote>
<p><br>
</p>
</body>
</html>