3

I am wanting to control the destination IP address for www.example.com (but not example.com) using DNS and exert the most control over this subdomain TTL as I can since I do not have direct control of the parent domain itself. I am aware of 2 mechanisms I can use:

  1. I can set up a zone for www.example.com in my name servers and have the name servers for example.com set up NS records for www.example.com.
  2. I can use a CNAME to point www.example.com to example.mydomain.com and then control example.mydomain.com. This is probably simpler for the remote party to set up, as delegating using NS records is a lot less common in the circles I frequent.

What I am a little vague on is the subtleties of the TTL mechanisms - particularly around caching. If I use a CNAME, will the actual TTL be controlled by both the TTL on the www.example.com record AND the TTL on example.mydomain.com, or (provided the CNAME record does not change), is this tied only to the A record for example.mydomain.com?

Similarly, if I use NS entries, is it fair to say that (provided the nameservers do not change) the TTL for changes to the resolution of www.example.com is controlled by the TTL for the www.example.com A record and I don't need to worry about the TTLs of the NS records?

davidgo

1 Answer

1

The TTL of a record applies to that record and that record alone and starts expiring once it enters the cache of any given nameserver/caching-resolver.

Note that many (most?) caching nameservers (i.e. caching resolvers used by end clients) will put a minimum 300 second TTL on all records that are fetched with any lower value. Note also there can be more than one caching nameserver between the client and the authoritative nameserver.

You probably want a relatively long TTL on any CNAME (or NS, MX, etc.) records, and possibly a much shorter (e.g. as short as 300s) TTL on any A records.

The simplest way to have someone delegate a hostname (e.g. www.example.com) to allow you to control the final A record is of course with a CNAME, but of course keep in mind that such a hostname must be a subdomain name, i.e. it cannot be at a zone cut since of course a CNAME may not exist with any other records at the same node.

For example in the parent domain nameserver:

$ORIGIN example.com.
www  1w  IN  CNAME  foo.mydomain.example.

Then in your nameserver:

$ORIGIN mydomain.example.
foo  1h  IN  A  192.168.0.1
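
The per-record caching described in the answer, as an added example that is not part of the original post: a small Python model of a single caching resolver, using the two zone records shown above. The class names, the `min_ttl` parameter and the `change_visible_after` helper are assumptions made for illustration; real resolvers differ in detail.

```python
# Constructed model of one caching resolver; not a real DNS implementation.
WEEK, HOUR = 7 * 24 * 3600, 3600
class Authority:
    """Authoritative data for both zones: name -> (type, ttl, value)."""
    def __init__(self):
        self.records = {
            "www.example.com.": ("CNAME", WEEK, "foo.mydomain.example."),
            "foo.mydomain.example.": ("A", HOUR, "192.168.0.1"),
        }
        self.queries = []  # names actually fetched from the authority
    def query(self, name):
        self.queries.append(name)
        return self.records[name]

class CachingResolver:
    def __init__(self, authority, min_ttl=0):
        self.authority = authority
        self.min_ttl = min_ttl      # floor some resolvers apply to low TTLs
        self.cache = {}             # name -> (type, value, expires_at)

    def _lookup(self, name, now):
        entry = self.cache.get(name)
        if entry is None or now >= entry[2]:
            rtype, ttl, value = self.authority.query(name)
            # Each record gets its own expiry, counted from when it was cached.
            entry = (rtype, value, now + max(ttl, self.min_ttl))
            self.cache[name] = entry
        return entry

    def resolve(self, name, now):
        """Follow CNAMEs until an A record is reached; return its address."""
        for _ in range(8):  # guard against CNAME loops
            rtype, value, _expires = self._lookup(name, now)
            if rtype == "A":
                return value
            name = value
        raise RuntimeError("CNAME chain too long")

def change_visible_after(a_ttl, min_ttl=0):
    """Seconds until a cache primed at t=0 returns a changed A record."""
    auth = Authority()
    auth.records["foo.mydomain.example."] = ("A", a_ttl, "192.168.0.1")
    resolver = CachingResolver(auth, min_ttl)
    resolver.resolve("www.example.com.", 0)
    auth.records["foo.mydomain.example."] = ("A", a_ttl, "192.168.0.2")
    t = 0
    while resolver.resolve("www.example.com.", t) != "192.168.0.2":
        t += 1
    return t
```

In this model the one-week CNAME stays cached throughout, so only the A record's TTL (or the resolver's floor, if higher) decides when a changed address becomes visible.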