Common Issue: ISP Caching/Propogation

Yash

Bass
Dated: September 1, 2003

One of the most common reasons why your website may go down is due to ISP Caching or propogation issues. These issues can occur when:

1) You have updated your domain's name server settings
2) You have made changes to your website's DNS configuration locally (eg: Switching to a static IP)
3) We have made IP changes to our servers

These issues resolve normally within a period of 24 to 72 hours. To determine if you website is resolving to the correct IP, you may use http://www.dnsstuff.com. The correct IP will be the shared or dedicated IP that shows for your website in the Control Panel. DNSStuff.com also has an ISP Caching tool to help you determine if your IP is being cached by several major ISPs.

To determine if your website is visible across the internet, you may use http://www.amegaproxy.com. This is a proxy tool which will allow you to view your website through another server via another ISP.
 
This is possibly the most frustrating part of what I do. Sitting around, waiting for websites to resolve to their correct IP's, and for emails to arrive at their correct mailbox locations...

Some tips on changing your dns that have worked for me:

1. DON'T unless you really have to - it can sometimes be a major headache.

2. Once you have updated your nameservers, try to wait at least 24 hours before even attempting to access your website. This seems to limit the chance of your ISP caching the sites IP address as described in Yash's original post, above.

3. If possible, set your old email server to forward your emails to a third party email address. This way, if you lose access to your old email server, it doesn't matter so much.

Things not to be suprised at:

1. You have changed your dns, and your website is resolving to your new host. Then it reverts back to your old host. Then it disappears, then reappears. Take a break, and check back in 24 hours.

2. Email accounts do the same. I have had situations where email accounts have been in limbo for up to a week. It's a nightmare, but these seems little you can do to prevent this.

WHY AM I WRITING ALL THIS?

I'm writing this as I'd really like to spark a discussion so that maybe we can all understand this better - exchange tips etc. There seems precious little out there on the web that addresses this issue. Please feel free to correct anything I state that you don't agree with.
 
I currently have a problem with a domain that I have recently changed to a dedicated IP for the sole purpose of activating shared SSL. I have an open ticket, but wondered if anyone could shed any light on this problem...

My domain did seem to be resolving to the new dedicated IP, but today it has reverted back to the shared. Strange, since this has now been OVER a week! I had an open ticket as it was the shared domain that hadn't been resolving to the correct IP - but now it's reversed - ie the shared domain is working fine.

It gets better. I went to dnsstuff.com, and they also reported the shared IP. However, Support advised me otherwise, so I went back. I hit refresh several times and noticed that every six or so refreshes, the IP would switch between the shared and the dedicated IP!!!!! Then, dns stuff's system kicked in, thinking I was an automated program and stopped me.
 
Thanks Yash - I guess I am now subject to ISP caching again? Is this something that should have been done before now or liekely to happen again? ie - Is this something I can ask in the future to be checked when switching to a dedicated IP on other domains, without waiting for the problem to persist?
 
After changing IP settings for a website (not NS settings for a domain name), I suggest you use the Windows NT/2000/XP nslookup utility to check if the hostname resolves to the right IP. Normally this will be the case, but it doesn't hurt to check.

Open a Command prompt and use these commands:
nslookup englishtherapy.com. ns1.jodoshared.com
nslookup www.englishtherapy.com. ns1.jodoshared.com
nslookup englishtherapy.com. ns2.jodoshared.com
nslookup www.englishtherapy.com. ns2.jodoshared.com

Don't forget the trailing dots after the .com, or you might get unexpected results. You should see a response like:
Name: www.englishtherapy.com
Address: 66.235.182.41

If all 4 queries return the proper value, you only have to worry about a bit of caching here and there. If one of them returns a wrong value, which might include a single wrong IP or more than one IP, check again in, say, 5 or 10 minutes. If it's still wrong, you should contact JodoHost support and have them look into it.

As long as these values are all correct, transition effects should never last more than 24 hours. If one of them is incorrect ISPs might start caching the wrong value, causing inpredictable results for times to come.

The whole thing is slightly more complicated when you change DNS settings for a domain name. Those records are sometimes cached longer, but normally most problems will be gone after 48 hours max (24 hours to the DNS server to change, then another 24 hours to let the cached entry from the old server expire)
 
Interesting - thanks for the tutorial. The website is still giving the 'Under Contruction' page, but I can see that all the IP's seem to be right. Hopefully it will sort itself out...
 
chris said:
Interesting - thanks for the tutorial. The website is still giving the 'Under Contruction' page, but I can see that all the IP's seem to be right. Hopefully it will sort itself out...

Hmm, working fine here... Try
nslookup -debug www.englishtherapy.com.
It should tell you how much longer your ISP's nameserver is caching the DNS entry (TTL):

Code:
    QUESTIONS:
        [url]www.englishtherapy.com[/url], type = A, class = IN
    ANSWERS:
    ->  [url]www.englishtherapy.com[/url]
        internet address = 66.235.182.41
        ttl = 86202 (23 hours 56 mins 42 secs)

You might want to use ipconfig /flushdns (XP only I think) if your ISP is returning the correct value, it might help.
 
Would you care to decipher this response I got for me?



Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\chris>nslookup -debug www.englishtherapy.com
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 3, additional = 1

QUESTIONS:
185.188.69.207.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 185.188.69.207.in-addr.arpa
name = ns1.mindspring.com
ttl = 3244 (54 mins 4 secs)
AUTHORITY RECORDS:
-> 188.69.207.in-addr.arpa
nameserver = hearsay.earthlink.net
ttl = 3301 (55 mins 1 sec)
-> 188.69.207.in-addr.arpa
nameserver = speakeasy.earthlink.net
ttl = 3301 (55 mins 1 sec)
-> 188.69.207.in-addr.arpa
nameserver = rumor.earthlink.net
ttl = 3301 (55 mins 1 sec)
ADDITIONAL RECORDS:
-> speakeasy.earthlink.net
internet address = 207.69.188.200
ttl = 1592 (26 mins 32 secs)

------------
Server: ns1.mindspring.com
Address: 207.69.188.185

------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
www.englishtherapy.com.earthlink.net, type = A, class = IN
AUTHORITY RECORDS:
-> earthlink.net
ttl = 1800 (30 mins)
primary name server = ns1.earthlink.net
responsible mail addr = dns-admin.earthlink.net
serial = 2004020600
refresh = 3600 (1 hour)
retry = 300 (5 mins)
expire = 2592000 (30 days)
default TTL = 1800 (30 mins)

------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 2, additional = 0

QUESTIONS:
www.englishtherapy.com, type = A, class = IN
ANSWERS:
-> www.englishtherapy.com
internet address = 66.235.182.41
ttl = 86400 (1 day)
AUTHORITY RECORDS:
-> englishtherapy.com
nameserver = ns1.jodoshared.com
ttl = 86400 (1 day)
-> englishtherapy.com
nameserver = ns2.jodoshared.com
ttl = 86400 (1 day)

------------
Non-authoritative answer:
Name: www.englishtherapy.com
Address: 66.235.182.41


C:\Documents and Settings\chris>

___

sorry - yes, I have done the dnsflush command - doesn't help eeither at this time.
 
chris said:
QUESTIONS:
www.englishtherapy.com.earthlink.net, type = A, class = IN

It says you forgot the trailing dot after the .com :)
Sorry, it wasn't clear in my post, but you need to include the trailing dot here also or it treats the query as if you're trying to resolve a hostname in your default domain, in this case eartlink.net.

ANSWERS:
-> www.englishtherapy.com
internet address = 66.235.182.41
ttl = 86400 (1 day)

The query further down seems to be returning the correct result, if that comes from your ISP's nameserver and you get the same result from it's secondary nameserver, ipconfig /flushdns or a reboot should make your website display normally.

The TTL seems to be 86400, which is the maximum. Seems somewhat odd to me, but it's possible if the hostname wasn't cached at all and the server just looked it up for you.
 
OK - my domain is now resolving to the correct IP. Thanks guys!


Unfortunately, I have a new problem: My shared SSL 3rd level domain address is: https://secureenglishtherapy.m****here.biz/

- .m****here.biz - not sure why that's not displaying properly.. anyhow,

This should point straight to http://www.englishtherapy.com. It does NOT! It redirects to:

http://www.inforcodigo.com/catalog/ - which gives this page error:

Warning: Unknown(/home/hsphere/local/home/inforcod/inforcodigo.com/catalog/index.php): failed to open stream: Permission denied in Unknown on line 0

Warning: (null)(): Failed opening '/home/hsphere/local/home/inforcod/inforcodigo.com/catalog/index.php' for inclusion (include_path='.:/usr/local/lib/php') in Unknown on line 0

WHAT's GOING ON???!!!! - this secure domain was set up over a week ago, and has previously worked (as recently as yesterday)....
 
Problem resolved. no pun intended ;) I have posted my ticket below:



Q: It's working! I guess somethings just can't be explained sometimes ;) I appreciate your help.
[Feb 10, 2004 1:20:54 PM]

A: Chris

This is nothing short of strange. It is resolving to the correct IP through every remote server we tested it at. Try using a different ISP and machine.
[Feb 10, 2004 12:05:27 PM]

Q: OK - I accept that it could be ISP caching (again) and will wait another 48 hours, BUT surely there is a reason why it suddenly started resolving elsewhere when it was working perfectly before? Just want to understand what happened, that's all. Without an explanation why my ISP has suddenly cached an incorrect IP I'm not convinced. They must have got the IP from you to begin with - right? Thanks for your help.
[Feb 10, 2004 11:54:35 AM]

A: Hi

Did you try running ipconfig /flushdns

Your ISP or your machine is resolving the address into an incorrect IP. We have checked your host name here at it resolves and works correctly

This could be due to ISP caching as well. I recommend you wait 48 hours
[Feb 10, 2004 11:51:18 AM]

Q: I get the right IP (results below) - but that doesn't help me - surely there has to be an explanation? - you saw the results from my machine!

Ping #1: Got reply from 66.235.182.41 in 32ms [TTL=113]
Ping #2: Got reply from 66.235.182.41 in 34ms [TTL=113]
Ping #3: Got reply from 66.235.182.41 in 35ms [TTL=113]
Ping #4: Got reply from 66.235.182.41 in 32ms [TTL=113]

[Feb 10, 2004 11:39:23 AM]

Q: Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Christopher James>ping secureenglishtherapy.m****here.
biz

Pinging secureenglishtherapy.m****here.biz [66.36.228.155] with 32 bytes of data
:

Reply from 66.36.228.155: bytes=32 time=37ms TTL=49
Reply from 66.36.228.155: bytes=32 time=38ms TTL=49
Reply from 66.36.228.155: bytes=32 time=37ms TTL=49
Reply from 66.36.228.155: bytes=32 time=38ms TTL=49

Ping statistics for 66.36.228.155:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 38ms, Average = 37ms

C:\Documents and Settings\Christopher James>
[Feb 10, 2004 11:37:29 AM]

A: Hi

Very strange. Absolutely wrong IP
What do you get from http://www.dnsstuff.com ?
[Feb 10, 2004 11:31:02 AM]

A: Hello,
We are looking into the issue and I think it is a resolution issue which may due to the shuft of servers.As sooon as it gets resolves we'll get back to you.
Regards
 
I have just opened a ticket but am posting to see if anyone else is having this problem. Also, I'm getting a little nervous about having to keep a 24 a day check on websites to make sure they are working...?

___________________________________

OK - this problem is getting really old and tired. The domain www.nn-enterprises.com had SSL enabled and a dedicated IP given weeks ago. It has worked fine since my last entry on this ticket (Feb 5) - now it has reverted back to the shared IP when you use the 'www' prefix. See my ping results below:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Christopher James>ping www.nn-enterprises.com

Pinging www.nn-enterprises.com [66.235.181.49] with 32 bytes of data:

Reply from 66.235.181.49: bytes=32 time=47ms TTL=113
Reply from 66.235.181.49: bytes=32 time=46ms TTL=113
Reply from 66.235.181.49: bytes=32 time=47ms TTL=113
Reply from 66.235.181.49: bytes=32 time=47ms TTL=113

Ping statistics for 66.235.181.49:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 46ms, Maximum = 47ms, Average = 46ms

C:\Documents and Settings\Christopher James>ping nn-enterprises.com

Pinging nn-enterprises.com [66.235.182.31] with 32 bytes of data:

Reply from 66.235.182.31: bytes=32 time=48ms TTL=113
Reply from 66.235.182.31: bytes=32 time=47ms TTL=113
Reply from 66.235.182.31: bytes=32 time=47ms TTL=113
Reply from 66.235.182.31: bytes=32 time=47ms TTL=113

Ping statistics for 66.235.182.31:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 47ms, Maximum = 48ms, Average = 47ms

C:\Documents and Settings\Christopher James>

PLEASE sort this out and advise what the problem is. Thank you.
 
Hi, I ran acros this thread on Google, because i'm having a domain propogation issue as well, and like was said at the first of this thread, there's not alot of good material out there.

Anyways, there are SEVERAL poeple with this issue on another host i am using as well. And the admin just keeps saying that it's not uncommon for a domain to still not be propogated within 10 days. But it's happening to several people at this place, and it just doesn't hold water.

Here's some items I'm seeing when I run dnsreport.com on some of the domains having issues....

I'm getting the generic MSN page...We can't find "domain.com", please search again.

When I do dnsreport.com on it, I get 2 FAILS :
MX Category: ERROR: Timeout
. I could not reach any of your nameservers to get a list of your MX records! They are likely down or unreachable.
Connect to mail servers ERROR: I could not find any mailservers for davotek.com.

and 4 WARNS :
SOA EXPIRE value: WARNING: Your SOA EXPIRE time is : 3600000 seconds. This seems a bit high. You should consider decreasing this value to about 1209600 to 2419200 seconds (2 to 4 weeks). RFC1912 recommends 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver.

SOA REFRESH value WARNING: Your SOA REFRESH interval is : 28800 seconds. This seems a bit high. You should consider decreasing this value to about 3600-7200 seconds. RFC1912 2.2 recommends a value between 1200 to 43200 seconds (20 minutes to 12 hours; 12 hours seems very high to us), although some registrars may limit you to 10000 seconds or higher, and if you are using DNS NOTIFY the refresh value is not as important (RIPE recommend 86400 seconds if using DNS NOTIFY). This value determines how often secondary/slave nameservers check with the master for updates. A value that is too high will cause DNS changes to be in limbo for a long time.

NS TTL discrepancy: Warning: Your NS records at your authoritative DNS servers have TTLs that do not match what the parent servers report:
ns18.fast-servers.net. [TTL 172800 at parent; 14400 at 64.246.54.74]
ns17.fast-servers.net. [TTL 172800 at parent; 14400 at 64.246.54.74]
In some cases, this can cause some serious problems. For example, if the parent servers have a 172800 second TTL (48 hours), and your authoritative DNS servers report a TTL of 3600 seconds (1 hour), you are saying that the parent DNS servers do not have the correct information. But, after 1 hour your DNS records may time out. At that point a DNS resolver will need to get fresh NS records. This can cause a serious problem in some cases.

Nameservers on separate class C's: WARNING: All of your nameservers (listed at the parent nameservers) are in the same Class C (technically, /24) address space, which means that they are probably at the same physical location. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location.

Pretty weird, cause i have another webhost that i use that passes all these and gets an A on the DNS timing lookup at DNSstuff.com . However this domain gets an F on that same test. see report below...
Looking up at ns17.fast-servers.net.... Reports 1 A record(s). 41ms.
Looking up at ns18.fast-servers.net.... Timed out.

I realize there's alot of text in this thread, but i'm hoping someone will see this and understand it and hopefully give me some suggestions on how to correct this situation. Like how do you fix the FAILED error i got ...MX Category: ERROR: Timeout? Any ideas?
thanks in advance!!! :)
 
Back
Top