Tuesday, October 25, 2016

Checking the TTL of a domain with dig

Since the recent DDoS attacks on DNS servers, it can be useful to check the TTL setting of your domains. The TTL sets how long a DNS server caches the result of the last lookup. In stable environments one of the most commonly used settings is 3600 (one hour).

How to check the TTL of a domain with dig?

First we ask Google's public DNS for an answer. In this case the Google DNS server is not the authoritative DNS server, therefore it shows the remaining time the result stays cached, not the TTL defined for the domain.
In this example with amazon.com, 35 seconds are left.

To get the defined TTL for the domain, we have to ask one of the authoritative DNS servers, in this example ns2.p31.dynect.net (one of the name servers listed in the answer from Google's DNS). As you can see, the defined TTL for amazon.com is 60 (seconds).
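The two lookups above can be automated so the remaining TTL from a recursive resolver and the defined TTL from an authoritative server are extracted and compared. The script below is an added example, not part of the original post: it parses the answer section printed by `dig +noall +answer`, and because the live output is not on the page, it embeds constructed sample answers (the 35s and 60s figures from the post, with documentation-range IP addresses) so it runs offline. The live `dig` invocations in the comments are the ones a practitioner would substitute for the samples.

```shell
#!/bin/sh
# Added example (not from the original post): extract the TTL column from
# "dig +noall +answer" output and compare the cached TTL seen at a recursive
# resolver with the defined TTL served by an authoritative name server.
#
# Live usage (needs network; replace the sample answers below):
#   dig +noall +answer amazon.com @8.8.8.8            | record_ttl A
#   dig +noall +answer amazon.com @ns2.p31.dynect.net | record_ttl A

# Print the TTL of the first answer record of the given type (default A).
# "dig +noall +answer" prints one record per line: NAME TTL CLASS TYPE RDATA.
record_ttl() {
  rtype="${1:-A}"
  awk -v t="$rtype" '$4 == t { print $2; exit }'
}

# Given the defined TTL and the TTL still remaining in a resolver's cache,
# print how many seconds ago the resolver fetched the record. A remaining
# value larger than the defined one means the resolver is not honouring the
# zone's TTL (or the zone was changed since), so flag it on stderr.
cache_age() {
  defined="$1"
  remaining="$2"
  if [ "$remaining" -gt "$defined" ]; then
    echo "warning: cached TTL $remaining exceeds defined TTL $defined" >&2
  fi
  echo $((defined - remaining))
}

# Constructed sample output in the shape dig prints. The addresses are from
# the 192.0.2.0/24 documentation range, not amazon.com's real records; the
# TTL values match the 35s (cached) and 60s (defined) figures in the post.
RESOLVER_ANSWER='amazon.com.		35	IN	A	192.0.2.10
amazon.com.		35	IN	A	192.0.2.11'
AUTH_ANSWER='amazon.com.		60	IN	A	192.0.2.10
amazon.com.		60	IN	A	192.0.2.11'

main() {
  remaining=$(printf '%s\n' "$RESOLVER_ANSWER" | record_ttl A)
  defined=$(printf '%s\n' "$AUTH_ANSWER" | record_ttl A)
  echo "remaining TTL (resolver cache): ${remaining}s"
  echo "defined TTL (authoritative):    ${defined}s"
  echo "resolver fetched the record $(cache_age "$defined" "$remaining")s ago"
}

main "$@"
```

Querying the authoritative server directly is what gives the configured value; a recursive resolver only ever reports what is left of its cache entry, which is why the first query above varies from run to run while the second one is constant.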