Date: Thu, 01 Sep 2005 02:30:12 +1000
From: Norberto Meijome <freebsd@meijome.net>
To: Jerod Prothe <jprothe@usd217.org>, FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: mail malady - dns/postfix
Message-ID: <4315DB14.20509@meijome.net>
In-Reply-To: <4315D763.3000102@usd217.org>
References: <4315C67B.9020907@usd217.org> <4315CB68.7010708@meijome.net> <4315CDF7.60107@usd217.org> <4315D25D.7020701@meijome.net> <4315D763.3000102@usd217.org>

Jerod Prothe wrote:
>
>
> Norberto Meijome wrote:
>
>> Jerod Prothe wrote:
>>> Norberto Meijome wrote:
>>>> Jerod,
>>>> pls define 'local citizens'. My view of "local" is surely different
>>>> to yours.
[...]
>
> Actually the ones complaining are the ones in the same domain as our
> ISP. Meaning, pld.com (the one and only ISP in the area) subscribers are
> having trouble emailing staff here.

well, you could ask your ISP to make sure they have expired your zone if they haven't. you can easily test by doing

    nslookup - [your_isp's_NS]

which will force nslookup to query that server. I've known ISPs that ignore the settings in SOAs and set their own....which is a real pain.

Still that doesn't help with those others that haven't updated yet, so they are going to otto's IP for SMTP service. make that IP the one that galley uses (as well as galley's real...). or just wait it out...though for 100 days that wait will be long. I would definitely check whether your ISP's NS is playing along nicely.

>> over time (depending on your SOA) this will get fixed.
>>
>
> What are good values to have for refresh/expire/retry times in zone
> files? I would very much like to have others' records concerning my
> network to be up-to-date.

well, it really all depends on what delay you're happy to live with. from memory:

Refresh is the one that tells non-authoritative (downstream) DNS servers when to refresh the data.
expire when to consider it too old to serve it at all (in case your authoritative is down)
retry is how often to try to get the real info from your authoritative server.

so refresh is the one you really want to focus on for when things work ok, and the others for when your server is in trouble ;). I'd say it roughly takes 2 times refresh time for propagation to most of the network (from experience, could be completely wrong). It also depends on how much your zone is cached of course (how many users request this zone determines how many non-auth servers you need to worry about).

As I said, I've set some high traffic zones to 20 minutes refresh and it works really well for us - YMMV

B
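
The check suggested in the message above (query the ISP's name server directly and see whether it still serves old zone data), as an added example that is not part of the original e-mail: it compares the SOA record returned by two servers. The SOA lines, host names and timer values are constructed sample data in the form printed by `dig +short SOA <zone> @<server>`.

```python
from typing import NamedTuple

class Soa(NamedTuple):
    mname: str    # primary name server
    rname: str    # responsible mailbox
    serial: int
    refresh: int  # seconds
    retry: int    # seconds
    expire: int   # seconds
    minimum: int  # seconds

def parse_soa(line: str) -> Soa:
    """Parse one SOA rdata line: mname rname serial refresh retry expire minimum."""
    parts = line.split()
    if len(parts) != 7:
        raise ValueError(f"expected 7 SOA fields, got {len(parts)}: {line!r}")
    nums = [int(p) for p in parts[2:]]
    if any(not 0 <= n < 2**32 for n in nums):
        raise ValueError(f"SOA value outside 32-bit range: {line!r}")
    return Soa(parts[0], parts[1], *nums)

def serial_newer(a: int, b: int) -> bool:
    """True if serial a is newer than b under RFC 1982 wrap-around arithmetic."""
    return a != b and (a - b) % 2**32 < 2**31

def compare(authoritative: str, other: str) -> str:
    """Classify the other server's copy relative to the authoritative one."""
    auth, oth = parse_soa(authoritative), parse_soa(other)
    if auth.serial == oth.serial:
        return "in-sync"
    if serial_newer(auth.serial, oth.serial):
        return "stale"
    if serial_newer(oth.serial, auth.serial):
        return "ahead"
    return "undefined"  # serials exactly 2**31 apart cannot be ordered

# Constructed sample answers (not taken from the thread).
AUTH_ANSWER = "ns1.example.org. hostmaster.example.org. 2005083102 1200 600 8640000 3600"
ISP_ANSWER = "ns1.example.org. hostmaster.example.org. 2005082901 1200 600 8640000 3600"

if __name__ == "__main__":
    isp = parse_soa(ISP_ANSWER)
    print("ISP copy is", compare(AUTH_ANSWER, ISP_ANSWER))
    print(f"refresh={isp.refresh}s retry={isp.retry}s expire={isp.expire // 86400}d")
```

A "stale" result that persists well past the refresh interval is the case worth raising with the ISP.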