[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: [Shib-Users] DNS Caching Duration?
From:       Russ Allbery <rra () stanford ! edu>
Date:       2010-07-22 22:54:41
Message-ID: 876307unym.fsf () windlord ! stanford ! edu
[Download RAW message or body]

Peter Schober <peter.schober@univie.ac.at> writes:
> * aig@ucop.edu <aig@ucop.edu> [2010-07-22 20:16]:

>> We have a similar problem. Only this time, this is not about the
>> upgrade.  We have an IDP server of which we have clones - as
>> backup. So, if we were to do maintenance on one, we would switch the
>> DNS entry to the backup box. Now, when we tried this last week, we
>> noticed the same problem that Chris had.

> Did you reduce the TTL on the DNS zone early enough in advance?  Even
> then some clients or resolver libraries might not care and still cache
> the entry for a while.

Some versions of nscd, for instance, are notorious for caching things for
up to an hour without regard for the TTL.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>
[prev in list] [next in list] [prev in thread] [next in thread]