TTL and Google DNS

Tags: dig, domain-name-system, ttl

I've found a similar post about this, however my user can't comment.

I wonder why doing dig @8.8.8.8 domain.com prints out different "countdowns" when running it several times in a few seconds, as if that domain was cached in different places inside 8.8.8.8 with different TTLs.

For example,

dione@saturno:~$ dig serverfault.com @8.8.8.8 +noall +answer

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> serverfault.com @8.8.8.8 +noall +answer
;; global options: +cmd
serverfault.com.    39  IN  A   198.252.206.140
dione@saturno:~$ dig serverfault.com @8.8.8.8 +noall +answer

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> serverfault.com @8.8.8.8 +noall +answer
;; global options: +cmd
serverfault.com.    288 IN  A   198.252.206.140
dione@saturno:~$ dig serverfault.com @8.8.8.8 +noall +answer

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> serverfault.com @8.8.8.8 +noall +answer
;; global options: +cmd
serverfault.com.    37  IN  A   198.252.206.140
dione@saturno:~$ dig serverfault.com @8.8.8.8 +noall +answer

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> serverfault.com @8.8.8.8 +noall +answer
;; global options: +cmd
serverfault.com.    36  IN  A   198.252.206.140
dione@saturno:~$ dig serverfault.com @8.8.8.8 +noall +answer

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> serverfault.com @8.8.8.8 +noall +answer
;; global options: +cmd
serverfault.com.    284 IN  A   198.252.206.140

Best Answer

The reason why different TTLs are shown for different queries is that 8.8.8.8 is a (Virtual IP) load balancer which has many DNS servers attached to it. And so every new request that arrives lands on a different DNS server each time.

This is true with all public DNS servers. And if you would like to know the actual TTL of a domain then you have to query the (SOA) authoritative DNS server of that domain. And so ns1.google.com. is authoritative for the google.com domain, and querying it will give you a fixed (actual) TTL every time.

$ dig google.com @ns1.google.com.

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> google.com @ns1.google.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5513
;; flags: qr aa rd; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;google.com.            IN  A

;; ANSWER SECTION:
google.com.     300 IN  A   74.125.236.78
google.com.     300 IN  A   74.125.236.67
google.com.     300 IN  A   74.125.236.68
google.com.     300 IN  A   74.125.236.73
google.com.     300 IN  A   74.125.236.69
google.com.     300 IN  A   74.125.236.64
google.com.     300 IN  A   74.125.236.71
google.com.     300 IN  A   74.125.236.70
google.com.     300 IN  A   74.125.236.66
google.com.     300 IN  A   74.125.236.65
google.com.     300 IN  A   74.125.236.72

;; Query time: 101 msec
;; SERVER: 216.239.32.10#53(216.239.32.10)
;; WHEN: Tue Jan 27 12:06:58 2015
;; MSG SIZE  rcvd: 204
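
The answer's explanation can be checked against the question's own output: one cache entry counts down one second per second, so query time plus remaining TTL stays constant for it, and samples that disagree must come from different cache entries. This is an added example, not part of the original question or answer; the function names are hypothetical and the query times (one second apart) are constructed, since the page does not record them.

```python
import re

# One A-record line of `dig +noall +answer`: name, TTL, class, type, address.
ANSWER_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+A\s+(\S+)$")

def parse_ttl(line):
    """Return the remaining TTL in seconds from a dig answer line, or None."""
    m = ANSWER_RE.match(line.strip())
    return int(m.group(2)) if m else None

def cluster_by_expiry(samples, tolerance=2):
    """Group (query_time, ttl) samples by estimated expiry time.

    For a single cache entry, query_time + ttl is constant (within rounding).
    Samples whose expiry differs by more than `tolerance` seconds cannot come
    from the same cache entry.
    """
    clusters = []  # each: {"expiry": int, "samples": [(query_time, ttl), ...]}
    for t, ttl in sorted(samples, key=lambda s: s[0] + s[1]):
        expiry = t + ttl
        if clusters and expiry - clusters[-1]["expiry"] <= tolerance:
            clusters[-1]["samples"].append((t, ttl))
        else:
            clusters.append({"expiry": expiry, "samples": [(t, ttl)]})
    return clusters

# Answer lines copied from the question; the query times (seconds since the
# first query) are constructed assumptions.
CAPTURED = [
    (0, "serverfault.com.    39  IN  A   198.252.206.140"),
    (1, "serverfault.com.    288 IN  A   198.252.206.140"),
    (2, "serverfault.com.    37  IN  A   198.252.206.140"),
    (3, "serverfault.com.    36  IN  A   198.252.206.140"),
    (4, "serverfault.com.    284 IN  A   198.252.206.140"),
]

def analyse(captured):
    """Parse captured dig lines and return the inferred cache entries."""
    samples = [(t, parse_ttl(line)) for t, line in captured]
    return cluster_by_expiry([(t, ttl) for t, ttl in samples if ttl is not None])

if __name__ == "__main__":
    for c in analyse(CAPTURED):
        ttls = [ttl for _, ttl in c["samples"]]
        print(f"cache entry expiring at t+{c['expiry']}s saw TTLs {ttls}")
```

The number of clusters is a lower bound on the number of backend caches reached: two backends that happened to cache the record within the tolerance of each other are indistinguishable by TTL alone.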