Busting the Myths of DNS Propagation

Jimmy Crutchfield

12 February 2021

We talk a lot about migrations at Prostack, and one of the things customers ask us about is DNS propagation. This post will explore one of the most misunderstood aspects of making changes to your DNS records – how long it takes before they take effect.

DNS is the system that maps between domain names, which are easy for humans to understand, and IP addresses (which computers understand). There are lots of facets to DNS and it’s a topic on which we could write exhaustively, but for now, we wanted to address one of the big concerns our new customers have:

“If I change my DNS, will I have to wait 24 hours for it to take effect?”

Site owners are, rightly, concerned about downtime during the migration process, and in particular the amount of time DNS records take to change. The good news is that in 2021, DNS propagation need not take anywhere near as long as you might think.

DNS 101 – Nameservers vs Resolvers

There are two types of DNS server: nameservers and resolvers. Nameservers are the “source of truth” for a domain: they store and serve information about where a domain points, be that website, email or other services. A nameserver is said to be “authoritative” for a domain. Nameserver hostnames typically take the format “ns1.provider.com”; ours are “ns1.prostack.host”, for example.

The other type of DNS server is a resolver. A resolver is what your computer uses to retrieve DNS records from nameservers. In effect, when your computer wants to connect to a website, it asks the resolver: “Please give me the DNS record for prostack.uk”.

Why not ask the nameserver directly? Well, a resolver is typically used by a large number of people, so to save resources and bandwidth across large numbers of DNS queries, resolvers cache the responses they receive. And this is where we run into issues, because how long they cache a response for determines the length of time for DNS propagation to complete.

When served, DNS records have a TTL – Time To Live. This tells the resolver how long to keep the record in its cache. TTLs are measured in seconds. Here’s the query for prostack.uk and the data returned:


;; QUESTION SECTION:
;prostack.uk. IN A

;; ANSWER SECTION:
prostack.uk. 195 IN A 172.67.70.24
prostack.uk. 195 IN A 104.26.10.130
prostack.uk. 195 IN A 104.26.11.130

;; Query time: 7 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)

The “TTL” value is 195 here, meaning the records will be cached by the resolver for another 195 seconds. Once those 195 seconds are up, the resolver goes back to the nameserver and asks for the current value. So if you make a DNS record change, you would need to wait for the TTL to expire before it’s picked up by the resolver.

The big problem here comes from nameservers setting large TTLs, often 24 hours or even longer. Some caching resolvers have even been known to set their own TTLs, overriding the ones they receive from the nameserver, which makes the problem worse. And that’s before we even get into the issue of resolvers setting their own DNS record values for their own purposes.

Because there are a large number of DNS resolvers out there, from small ISP caches to large services like Google’s and Cloudflare’s, you have to wait for the TTL to expire before you can be sure your DNS change has fully propagated to the internet at large.

The TTL (and sheer number of global resolvers) is where the myth comes from: because these were historically set very high, DNS propagation often took a lot longer than it needed to. However, with careful planning and a few tricks, we can cut down the time it takes these changes to take effect.

How to work around the problem

There are a couple of solutions we employ:

1- Set a low TTL. These days having a low TTL isn’t a huge issue, because DNS queries are relatively inexpensive to serve (resource-wise) and not particularly bandwidth intensive, so you can safely set values of 300 (5 mins) or even lower if you need to. We set this as a default for all our sites. If we’re migrating and DNS changes are involved, we’ll also do this ahead of time to minimise disruption.

2- Clear providers’ caches. It’s not very well-known, but many of the world’s largest DNS resolvers have a purge function, allowing their caches to be cleared immediately. Here are the links:

Google DNS (8.8.8.8): https://developers.google.com/speed/public-dns/cache

Cloudflare DNS (1.1.1.1): https://1.1.1.1/purge-cache/

OpenDNS: https://cachecheck.opendns.com/

Using these methods means you don’t have to wait until the TTL expires: you can immediately purge and have your changes take effect.
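To see how far a change has propagated, the sketch below parses dig answer sections captured from several resolvers and reports how many seconds each stale cache can keep serving the old record. It also computes the earliest safe cutover after lowering a TTL, because caches filled under the old TTL hold the record until that old TTL runs out. This is an added example, not Prostack’s tooling; example.test, the resolver labels and the sample answers are constructed.

```python
import re

# One record line in dig's answer section: name, TTL, class IN, type, data.
# Data is matched as a single token, which is enough for A records.
RR = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(\S+)$")

def parse_answers(dig_output, rtype="A"):
    """Return [(ttl, value)] for rtype records, skipping ';' comment lines."""
    records = []
    for line in dig_output.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        m = RR.match(line)
        if m and m.group(3) == rtype:
            records.append((int(m.group(2)), m.group(4)))
    return records

def stale_seconds(dig_output, expected):
    """0 if the resolver serves only expected values; otherwise the largest
    remaining TTL, i.e. how long until it must ask the nameserver again."""
    records = parse_answers(dig_output)
    if not records:
        raise ValueError("no A records found in dig output")
    if {value for _, value in records} <= set(expected):
        return 0
    return max(ttl for ttl, _ in records)

def propagation_report(captures, expected):
    """Map each resolver to its stale window and return the worst case."""
    report = {name: stale_seconds(out, expected) for name, out in captures.items()}
    return report, max(report.values())

def earliest_cutover(ttl_lowered_at, old_ttl):
    """Epoch second after which every cache filled under the old TTL has
    expired, so only the new low TTL limits how long a stale answer lives."""
    return ttl_lowered_at + old_ttl

# Constructed captures taken after moving example.test to 203.0.113.10.
CAPTURES = {
    "resolver-a": ";; ANSWER SECTION:\nexample.test. 300 IN A 203.0.113.10\n",
    "resolver-b": ";; ANSWER SECTION:\nexample.test. 41250 IN A 198.51.100.7\n",
    "resolver-c": ";; ANSWER SECTION:\nexample.test. 112 IN A 198.51.100.7\n",
}
NEW_IPS = {"203.0.113.10"}

if __name__ == "__main__":
    report, worst = propagation_report(CAPTURES, NEW_IPS)
    print(report, "worst-case wait:", worst, "seconds")
```

Here resolver-b cached the old record under a 24-hour TTL, so without a purge it can serve the old address for another 41250 seconds regardless of the new low TTL.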

In summary, whilst DNS propagation was often a source of worry for many clients moving provider, it’s no longer something that need be feared. Whilst these methods aren’t always bulletproof, we find that in the majority of cases they allow us to ensure that DNS record updates take place almost immediately.

If you’re interested in knowing more about our carefully managed migration process, get in touch at https://www.prostack.uk/contact