Networking

為什麼 TTL 有時會在 DNS 查詢之間重新增加?

  • January 27, 2015

dig xkcd.com,我得到了這樣的東西:

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> xkcd.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52538
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;xkcd.com.          IN  A

;; ANSWER SECTION:
xkcd.com.       769 IN  A   107.6.106.82

;; AUTHORITY SECTION:
xkcd.com.       87784   IN  NS  dns3.p03.nsone.net.
xkcd.com.       87784   IN  NS  dns1.p03.nsone.net.
xkcd.com.       87784   IN  NS  dns2.p03.nsone.net.
xkcd.com.       87784   IN  NS  dns4.p03.nsone.net.

;; ADDITIONAL SECTION:
dns1.p03.nsone.net. 70809   IN  A   198.51.44.3
dns2.p03.nsone.net. 70809   IN  A   198.51.45.3
dns3.p03.nsone.net. 71406   IN  A   198.51.44.67
dns4.p03.nsone.net. 70809   IN  A   198.51.45.67

;; Query time: 222 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Wed Jan 21 22:16:42 HKT 2015
;; MSG SIZE  rcvd: 206

是的769記憶體TTLxkcd.com。但是,當我重複dig xkcd.com幾次(彼此相隔幾秒鐘)時,我TTL每次都會得到一個看似隨機的值。這是順序:

TRY | ANSWER | AUTHORITY | ADDITIONAL | WHEN
====================================================================
1   | 586    | 59577     | 44474      | Wed Jan 21 22:18:31 HKT 2015
2   | 587    | 14242     | 56745      | Wed Jan 21 22:18:32 HKT 2015
3   | 658    | 87673     | 70698      | Wed Jan 21 22:18:34 HKT 2015
4   | 1022   | 76200     | 51189      | Wed Jan 21 22:18:40 HKT 2015
5   | 1200   | 160954    | 44662      | Wed Jan 21 22:18:41 HKT 2015
6   | 574    | 59565     | 44462      | Wed Jan 21 22:18:43 HKT 2015
7   | 646    | 87661     | 70686      | Wed Jan 21 22:18:46 HKT 2015
8   | 1200   | 121364    | 55967      | Wed Jan 21 22:18:47 HKT 2015
9   | 1200   | 83292     | 54698      | Wed Jan 21 22:18:48 HKT 2015
10  | 1024   | 40540     | 43816      | Wed Jan 21 22:18:49 HKT 2015

為什麼我會得到這個看似隨機(在一個範圍內)的值TTL?我希望它會逐漸減少,因為它是記憶體的。

Dig 報告**TTL 到期前的剩餘時間,**而不是實際的 TTL 值。如果數量不同,則很可能您正在查詢不同的 DNS 伺服器(例如,循環),這些伺服器的記錄記憶體時間不同,因此具有不同的到期時間。

如果您對同一個 DNS 伺服器執行相同的查詢,您將看到 TTL 減少(大致)與您在查詢之間等待的秒數相同。見下文:

ragnarok:~ cwatson$ dig a cwatson.org @192.168.50.11; sleep 2s; dig a cwatson.org @192.168.50.11

; <<>> DiG 9.8.3-P1 <<>> a cwatson.org @192.168.50.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39178
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cwatson.org.           IN  A

;; ANSWER SECTION:
cwatson.org.        5847    IN  A   46.249.223.150

;; Query time: 43 msec
;; SERVER: 192.168.50.11#53(192.168.50.11)
;; WHEN: Wed Jan 21 14:51:08 2015
;; MSG SIZE  rcvd: 45


; <<>> DiG 9.8.3-P1 <<>> a cwatson.org @192.168.50.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24943
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cwatson.org.           IN  A

;; ANSWER SECTION:
cwatson.org.        5845    IN  A   46.249.223.150

;; Query time: 45 msec
;; SERVER: 192.168.50.11#53(192.168.50.11)
;; WHEN: Wed Jan 21 14:51:10 2015
;; MSG SIZE  rcvd: 45

因此,對於您的完整範例,您有 769 秒的時間直到 A 記錄過期,這將強制從您的上游 DNS 伺服器重新查找。

有關更多詳細資訊,請參見此處的答案。

引用自:https://serverfault.com/questions/661236