Does Nginx honor DNS TTLs for proxy upstreams?
mdounin at mdounin.ru
Mon Sep 26 09:37:47 UTC 2011
On Mon, Sep 26, 2011 at 04:42:07AM -0400, csg wrote:
> I have a short question on Nginx's proxy module. In our setup we reverse
> proxy specific requests to the server of an external partner via
> proxy_pass. Over the weekend the partner updated DNS but Nginx wasn't
> catching up the change and still sent traffic to the old server despite
> the fact the TTL of the record was little enough.
> An additional obstacle might be that in our case we have for example
> proxy_pass http://foo.example.com;
> where foo.example.com is a CNAME to bar.example.com (TTL of 1 hour)
> which is a A record (TTL of 60 seconds).
> Does Nginx honor DNS changes for upstream proxies or are lookups only
> done once on startup? If not, will the TTL being honor even if it has to
> traverse a list of CNAME records until it hits an A record?
No, domain names statically configured in config are only looked
up once on startup (or configuration reload).
> Both configuration directives, resolver and resolver_timeout are not
> set, therefore the default of 30 seconds should apply (if that is
> relevant here).
These are not relevant for "proxy_pass http://foo.example.com;".
Resolver is only used for proxy_pass with variables, i.e.
set $backend "foo.example.com";
In such setup ip address of "foo.example.com" will be looked up
dynamically and result will be cached for 5 minutes.
More information about the nginx