why is ssh using cached dns record when dig reports updated version of cname record?

Red Cricket

12/16/22, 9:40 PM

I have a Jenkins pipeline that will start my AWS Ubuntu EC2 instances. This Jenkins pipeline will also update a CNAME record I have for my EC2 instances in route53.

Sometimes there is a long delay in my ability to ssh to the instance via the CNAME. I figured it might be a cache issue, but if I execute dig the-cname.example.com I see the updated versions of the DNS records. Also I have no problem ssh'ing to the new IP and the value of the DNS A record that AWS gave my instance.

Is my ssh client using a cached version of the CNAME?

122

1 + 1

domain-name-system

ssh

Patrick Mevzek

12/17/22, 2:47 AM

DNS entries have `TTL` or `Time To Live` which gives an upper bound of time during which the record is considered fresh and shouldn't trigger a new query by client. It seems in your case you might need to lower those values.

Score:2

Server

Ginnungagap

12/16/22, 10:15 PM

dig performs an actual DNS query, while ssh will simply ask your system (most likely through gethostbyname) to resolve a name.

dig will ask an actual DNS server while ssh will ask the local service in charge of DNS (nowadays, most likely systemd-resolve) which will cache results.

If using systemd, you can clear the cash using systemd-resolve flush-caches.

0 + 2

Red Cricket

12/16/22, 10:50 PM

doh! I forgot to mention that my ssh client is executed from a mac laptop. I'm sure there is a equivalent command.

Red Cricket

12/17/22, 9:43 PM

on a mac I can do `sudo killall -HUP mDNSResponde`

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: why is ssh using cached dns record when dig reports updated version of cname record?

TH: เหตุใด ssh จึงใช้บันทึก DNS ที่แคชเมื่อขุดรายงานเวอร์ชันอัปเดตของบันทึก cname

RO: de ce folosește ssh înregistrarea dns în cache atunci când rapoartele dig versiunea actualizată a înregistrării cname?

RU: почему ssh использует кешированную запись DNS, когда dig сообщает об обновленной версии записи cname?

VI: tại sao ssh sử dụng bản ghi dns được lưu trong bộ nhớ cache khi khai thác báo cáo phiên bản cập nhật của bản ghi cname?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.