I am wanting to control the destination IP address for (but not example.com) using DNS and exert the most control over this subdomain TTL as I can since I do not have direct control of the parent domain itself. I am aware of 2 mechanisms I can use:
- I can set up a zone for in my name servers and have the name servers for example.com set up NS records for .
- I can use a CNAME to point to example.mydomain.com and then control example.mydomain.com. This is probably simpler for the remote party to set up, as delegating using NS records is a lot less common in the circles I frequent.
What I am a little vague on is the subtleties of the TTL mechanisms - particularly around caching. If I use a CNAME, will the actual TTL be controlled by both the TTL on the record AND the TTL on example.mydomain.com, or (provided the CNAME record does not change), is this tied only to the A record for example.mydomain.com?
Similarly, if I use NS entries, is it fair to say that (provided the nameservers do not change) the TTL for changes to the resolution of is controlled by the TTL for the A record and I don't need to worry about the TTLs of the NS records?
1 Answer
The TTL of a record applies to that record and that record alone and starts expiring once it enters the cache of any given nameserver/caching-resolver.
Note that many (most?) caching nameservers (i.e. caching resolvers used by end clients) will put a minimum 300 second TTL on all records that are fetched with any lower value. Note also there can be more than one caching nameserver between the client and the authoritative nameserver.
You probably want a relatively long TTL on any CNAME (or NS, MX, etc.) records, and possibly a much shorter (e.g. as short as 300s) TTL on any A records.
The simplest way to have someone delegate a hostname (e.g. ) to allow you to control the final A record is of course with a CNAME, but of course keep in mind that such a hostname must be a subdomain name, i.e. it cannot be at a zone cut since of course a CNAME may not exist with any other records at the same node.
For example in the parent domain nameserver:

    $ORIGIN example.com.
    www 1w IN CNAME foo.mydomain.example.

Then in your nameserver:

    $ORIGIN mydomain.example.
    foo 1h IN A 192.168.0.1
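
The caching behaviour described in this answer, as an added example that is not part of the original answer: a toy single-cache resolver in Python in which every record expires on its own TTL and any TTL below a 300-second floor is raised to it. The class and function names and the replacement address 192.168.0.2 are constructed for illustration; real resolvers differ in their floor and may be chained.

```python
MIN_TTL = 300  # floor the answer says many caching resolvers apply (model assumption)
UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def parse_ttl(text):
    """Convert a zone-file TTL such as '1w', '1h' or '300' to seconds."""
    if text[-1].lower() in UNITS:
        return int(text[:-1]) * UNITS[text[-1].lower()]
    return int(text)

class CachingResolver:
    """Toy cache: each record is stored and expired independently."""

    def __init__(self, authoritative, min_ttl=MIN_TTL):
        self.auth = authoritative  # name -> (rtype, ttl_text, value), live zone data
        self.min_ttl = min_ttl
        self.cache = {}            # name -> (rtype, value, expires_at)

    def _lookup(self, name, now):
        entry = self.cache.get(name)
        if entry and entry[2] > now:
            return entry[0], entry[1]          # still fresh: authoritative data not consulted
        rtype, ttl_text, value = self.auth[name]
        ttl = max(parse_ttl(ttl_text), self.min_ttl)
        self.cache[name] = (rtype, value, now + ttl)
        return rtype, value

    def resolve(self, name, now):
        """Follow CNAMEs until an A record is found; 'now' is seconds on a test clock."""
        for _ in range(8):                     # bound the chain length
            rtype, value = self._lookup(name, now)
            if rtype == "A":
                return value
            name = value
        raise RuntimeError("CNAME chain too long")

def demo():
    # Zone data from the answer's example, written as fully qualified names.
    auth = {
        "www.example.com.": ("CNAME", "1w", "foo.mydomain.example."),
        "foo.mydomain.example.": ("A", "1h", "192.168.0.1"),
    }
    resolver = CachingResolver(auth)
    seen = [resolver.resolve("www.example.com.", 0)]
    auth["foo.mydomain.example."] = ("A", "1h", "192.168.0.2")  # constructed new address
    seen.append(resolver.resolve("www.example.com.", 3599))  # A record still cached
    seen.append(resolver.resolve("www.example.com.", 3600))  # A expired, CNAME still cached
    return seen

if __name__ == "__main__":
    print(demo())
```

While the CNAME itself is unchanged, the delay for an address change in this model is set by the A record's TTL alone; repointing the CNAME is what waits out the one-week TTL.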