DNS Propagation

08 Oct, 2012 Tips and Tricks 1 Comment 3 Votes

99.9% of those who have anything even remotely to do with webhosting have encountered the unpleasant phenomenon known to most only as DNS propagation. To understand what this is and how it works, one needs to know certain things about the domain name system, or DNS for short.

Domain Name System

Basically, the domain name system is a software program that is run on a dedicated server called the DNS server. It’s there to resolve the domain names we can easily understand and remember into the IP addresses.

What IP addresses are for

Each network member, from a server to a personal computer, router or similar hardware component, has its own identification number, or IP address, which allows other network members to identify them via TCP/IP protocols and send them data packets or receive data packets from them.

These IP addresses are fully numerical, or in case of IPv6, hexadecimal, and thus very inconvenient to understand or remember. It is much easier to say that your website is www.example.com, then to always refer to it by its IPv4 address, 192.0.43.10

What DNS is for

The domain name system exists to associate the numeric IP addresses with the readable and easily-understood domain names. The DNS consists of a complex hierarchy of the so-called name servers that keep track of which IP address is associated with which domain name. Thus, in theory, when the end-user enters an URL in his or her browser window, the browser sends a query to the corresponding name server, which answers with an IP address of the domain name entered. The browser sends a session request to the server with the IP address it has received from the name server, and receives a response.

However in reality all this is much more complicated.

First of all, the end-user’s PC can’t really remember all the name servers for each web page. So, to look up the name server authoritative for the web-page that needs to be opened, the web-browser first queries root DNS servers. The root servers give the IP address and now the browser can query the authoritative name server directly.

In order not to send dozens of queries to-and-from for opening one single website, the DNS information is stored with intermediary network members, such as ISP providers.

TTL

Since the DNS information isn’t static and changes constantly due to domain name expiration, server migration, IP address changes etc., etc., the DNS information must also be updated regularly.

For that, the so-called time-to-live, or TTL for short, is used.

TTL is a value of how long the DNS information should remain stored by a network node. It is set by the system administrator of the node in question and varies wildly from one network member to another. It can be seconds, or minutes, or even days, but, to save cache and memory space, by an unspoken rule, it’s usually around 24 hours for new domains and never longer than 72 hours for existing domains.

Even the end-user’s browser stores DNS information after its first look-up of a website.

So, now, with all these factors included, the picture of a web-site look-up is as follows:

Website look-up process flowchart

Now, for all this to take place, the name server information stored at the root servers must be correct, thus:

correct nameservers are indicated in the NS record of the domain’s DNS zone file

name servers listed by a domain registrar match the ones in a DNS zone.

If there is a discrepancy between the name servers recorded at the root-servers, and those listed in the domain’s DNS zone file, the domain name will not resolve properly.

DNS propagation

So, let’s say that we have a website and a domain name associated with it, and it’s been hosted by SRHP (Some Random Hosting Provider), and we want to change our hosting provider.

To do so, we got the information for the new account, and the friendly technical support staff has already helped us get the site’s content to the new server that will be hosting our account in the future. However, our web-site’s visitors still won’t see the website if they type the URL in their browser.

First, we need to update our domain with proper nameservers, usually via simply logging in to domain registrar’s website, and change the name servers listed there to those our new hosting provider has provided us with.

Now, our new DNS configuration is set up correctly and everything should work, right?

Wrong, because all around the world, our website’s visitors’ ISPs, and a number of other network members and hardware components still have the old DNS information cached in their memory. And, since all of them have different TTL values, it will also take a different amount of time until they refresh their cache and will be able to provide the correct, up-to-date DNS information to any querying party.

DNS propagation in action

Let us study this on the example of a domain name dnspropagation.co.cc, that we’ve registered for this purpose.

We have edited the domain’s DNS zone and are submitting the name servers that should be authoritative for it. The same name servers have been changed in the domain registrar’s records as well.

Now, we check what network members have updated their cache already and are able to view the website for the domain dnspropagation.co.cc through the use of a DNS propagation checker tool, such as http://whatsmydns.com

DNS records not yet propagated

As we can see, the freshly-registered domain name isn’t resolving at all yet. Let’s wait for a few minutes and do another check-up.

DNS records propagated partially

Now the domain name is being resolved from New Zealand, but not from anywhere else.

Let’s give the DNS propagation a few hours and check the results.

DNS records almost propagated

The progress of DNS propagation is evident. Now, several random name servers around the world have the proper, up-to-date information stored in their cache and are able to resolve the domain name dnspropagation.co.cc properly.

After 24 hours of ongoing DNS propagation the picture looks like this:

DNS records propagated in full

Now, we can witness that all name servers randomly selected around the world have refreshed their caches and can resolve the domain name dnspropagation.co.cc properly and provide the querying parties with the correct IP address of the server it’s being hosted on.

So, the domain dnspropagation.co.cc can now be opened by any browser in the world.

That’s only the case, however, because dnspropagation.co.cc is a newly-registered domain name. No-one has ever accessed it before, so no ISP provider or router has any information about it cached.

In case of an older domain, the process of the DNS propagation can take up to 3 days, because most ISPs set their own TTL for their cache to lessen the load on their network, the longer the TTL, the better.

Conclusion

Let’s sum this all up now.

The domain registrar is the one responsible for publishing the domain name’s DNS information at the very first (root server) DNS level.

When it is published, it is placed into a directory that is broadcast out to primary DNS servers around the world. The primary DNS servers in turn broadcast out to secondary DNS servers and so on and so forth.

This process is known as propagation and can take upwards of 72 hours to complete.

Propagation refers to the amount of time it takes for all the DNS servers everywhere around the world to recognize the fact that either a new domain has been registered, a domain name has been changed, or that the authority for that domain has changed.

[alert]It doesn’t always take 72 hours for the DNS propagation to complete. For most users, the propagation period is over well within that time, but there are no guarantees that every browser around the globe is able to open the website either.[/alert]