This question comes from this topic. When I do this I get the remaining seconds until the A record expires in the queried nameserver:
dig stackexchange.com
However, if I do this I get the authoritative TTL values:
dig any stackexchange.com
So, I don’t understand why when I do dig any stackexchange.com I get all TTL values as if I did an authoritative question, when I actually made a recursive query.
Best Answer
To be short, both of the queries you have mentioned in the question are non-authoritative queries.
DNS records for a domain can be queried from a caching DNS server or from an authoritative DNS server. So when you want to query a caching DNS server you can either specify the DNS IP address or, if not specified, the default DNS server that has been configured in /etc/resolv.conf will be taken.
Non authoritative query
or
In both of the above cases the query returns a non-authoritative reply because your ISP's DNS or Google's public DNS (8.8.8.8) are not authoritative for the stackexchange.com domain. As you have queried a non-authoritative nameserver, the TTL value it provides will decrease each time you query it. Once the TTL value expires the caching nameserver will requery the authoritative DNS server.
Authoritative query
So to get an authoritative reply you need to query the record from an authoritative DNS server, which can be found with the method below.
The ANSWER SECTION provides the authoritative nameservers for the domain stackexchange.com and so if we need to get the authoritative reply then
While we query the authoritative DNS server the TTL values will not change, because these nameservers are the primary source of the information and they don't expire until its administrator changes it.
How ANY record works
ANY record is like a wild-card, you can use it to get all records that are cached/stored in a DNS server. For example I have queried stackexchange.com for ANY record and my default DNS server replies as below.
Here you can see that the reply contains only information about SOA, A and NS records. But there are actually more records for stackexchange.com which are not cached in my default DNS server as I haven't queried for them.
Now I am querying for MX record to my default DNS server and the reply is as
Now I again query for ANY record and now you can see that the query for ANY has returned MX records too. And so ANY record will just provide records that are only cached on your default nameserver.
And as you can see the TTL values are changing for non-authoritative replies.
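As an added example (not part of the original answer): dig marks an authoritative reply with the aa flag in its header line, so saved output can be classified and the TTL of each answer record listed with a short script. The two sample replies are constructed (example.com, documentation addresses, made-up TTLs), and the function names are assumptions.

```shell
#!/bin/sh
# Added example: classify saved `dig` output as authoritative or cached.
# Sample replies below are constructed (example.com, 192.0.2.0/24 addresses).

sample_cached() {
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4660
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
example.com.    187   IN   A   192.0.2.10
example.com.    187   IN   A   192.0.2.11

;; Query time: 12 msec
EOF
}

sample_authoritative() {
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22136
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
example.com.    300   IN   A   192.0.2.10
example.com.    300   IN   A   192.0.2.11

;; Query time: 48 msec
EOF
}

# Reads dig output on stdin; prints "<kind> <TYPE>=<TTL> ...".
summarize_dig() {
    awk '
        /^;; flags:/ {
            flags = $0
            # Keep only the flag names between "flags:" and the first ";"
            sub(/^;; flags:/, "", flags); sub(/;.*/, "", flags)
            n = split(flags, f, " ")
            kind = "cached"
            # "aa" must match a whole flag, so "ra" is not mistaken for it
            for (i = 1; i <= n; i++) if (f[i] == "aa") kind = "authoritative"
        }
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        /^$/ || /^;/          { in_answer = 0 }
        # Record lines are: name TTL class type rdata
        in_answer && NF >= 5  { ttls = ttls " " $4 "=" $2 }
        END { print kind ttls }
    '
}

sample_cached | summarize_dig
sample_authoritative | summarize_dig
```

Live output can be piped in the same way, for example `dig stackexchange.com | summarize_dig`.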