I changed my TTL from 24 hours to 5 minutes. Do I need to wait 24 hours before changing the records?

Solution 1:

Anyone who has a cached copy of the domain record will not bother updating it for 24 hours, so yes, if your intent is to have at most a 5-minute window of unavailability, you should wait until all of the outstanding caches have updated to live no more than 5 minutes.

Solution 2:

It's (potentially) even worse than that -- you have to wait 24 hours after all of your authoritative servers have updated. The normal way for updates to happen is that you make a change to the zone on the primary server, and then each of the secondaries transfer the new zone data the next time they happen to check in with the primary. The check in frequency is controlled by the refresh interval in the zone's SOA record. Thus, in the worst case you'd have to wait the zone's refresh interval + the record's TTL.

You may also have to wait this long for the actual record changes. A 5-minute TTL won't do a lot of good if the secondaries only refresh every 6 hours. So you probably want to decrease the refresh interval on the zone as well for the period you want to be able to make quick changes.

Mind you, this may not apply to your setup. If you have a system that updates all authoritative servers together, this is not a problem (and I'm not familiar with Rackspace's DNS setup). But I'd recommend querying all of your authoritative servers individually (dig server.example.com @secondaryserver.example.com) to make sure they have the new TTL before starting your 24-hour countdown.


Solution 3:

Yes, you should wait. Even then of course it's not guaranteed that everyone will respect the TTL.


Solution 4:

Pulling together various comments and answers, the complete procedure would be something like:

  1. Make sure you can update your authoritative servers in a timely manner.
  2. Reduce the TTL.
  3. Check all authoritative servers have the new TTL.
  4. Wait the old TTL so that cached values with the old TTL are (mostly) eliminated from caches (you can't guarantee they will be gone from every cache because some caches might ignore the standards).
  5. Put the site on the old server into read-only mode (or if you can't do that, replace it with a "we are down for maintenance" page).
  6. Perform the final copy from the old server to the new server (resulting in a read-only site on the new server).
  7. Change the DNS records.
  8. Make sure all authoritative servers have the new DNS records.
  9. Wait for the new TTL (you can skip this step if you don't care about some users being able to contribute to the site and other users not seeing the results of those contributions).
  10. Put the site on the new server into read/write mode.
  11. Put a notice on the old server that it is an outdated read-only copy and that the user likely has broken DNS.
  12. Wait a while for the records to drop out of noncompliant DNS caches.
  13. Decommission the old server.
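The per-server check from Solution 2 and steps 3 and 4 of the procedure above, as an added example that is not part of any of the answers: it parses `dig +noall +answer` output from each authoritative server, reports which servers still carry the old TTL, and reads the SOA refresh interval so the worst-case wait (refresh + old TTL) can be computed. The server names, addresses and the sample dig output are constructed for the demo; only `dig()` touches the network.

```python
"""Confirm every authoritative server serves the new TTL before starting the
countdown, and read the SOA refresh interval for the worst-case wait."""
import re
import subprocess
# One `dig +noall +answer` line: name  ttl  class  type  rdata
ANSWER_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.*)$")

def parse_answers(dig_output):
    """Parse `dig +noall +answer` text into (name, ttl, type, rdata) tuples."""
    records = []
    for line in dig_output.splitlines():
        m = ANSWER_RE.match(line.strip())
        if m:  # blank and ';' comment lines simply don't match
            records.append((m.group(1), int(m.group(2)), m.group(3), m.group(4).strip()))
    return records

def dig(name, rrtype, server):
    """Query one authoritative server directly (network call; not used by the samples)."""
    cmd = ["dig", "+noall", "+answer", "+norecurse", "@" + server, name, rrtype]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

def soa_refresh(soa_output):
    """Refresh interval (seconds) from a SOA answer: rdata is mname rname serial refresh ..."""
    for _, _, rrtype, rdata in parse_answers(soa_output):
        fields = rdata.split()
        if rrtype == "SOA" and len(fields) >= 7:
            return int(fields[3])
    return None

def stale_servers(outputs, rrtype, expected_ttl):
    """Servers whose answer is missing or still carries a TTL other than expected_ttl."""
    stale = []
    for server, out in outputs.items():
        ttls = [ttl for _, ttl, t, _ in parse_answers(out) if t == rrtype]
        if not ttls or any(ttl != expected_ttl for ttl in ttls):
            stale.append(server)
    return sorted(stale)

# Constructed sample output: ns1 already serves the 5-minute TTL, ns2 has not refreshed yet.
SAMPLE_OUTPUTS = {
    "ns1.example.com": "www.example.com.\t300\tIN\tA\t192.0.2.10\n",
    "ns2.example.com": "www.example.com.\t86400\tIN\tA\t192.0.2.10\n",
}
SAMPLE_SOA = ("example.com.\t3600\tIN\tSOA\tns1.example.com. hostmaster.example.com. "
              "2024010101 21600 3600 1209600 300\n")

if __name__ == "__main__":
    print("still on old TTL:", stale_servers(SAMPLE_OUTPUTS, "A", 300))
    # worst case before every cache can have dropped the old 24-hour TTL
    print("worst-case wait (s):", soa_refresh(SAMPLE_SOA) + 86400)
```

Against real servers, replace the sample strings with `dig("www.example.com", "A", server)` for each NS returned by `dig example.com NS`; the 24-hour countdown starts only once `stale_servers` is empty.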

Solution 5:

In addition to the other answers, you can use https://www.whatsmydns.net/ to check how your DNS record is propagating in almost real time.