I have moved my server recently and updated the DNS information accordingly. And, the information was propagated in about 15-30 minutes, which is really good. But, when I looked at the logs on the old server, I could see that 5-10% of the users were hitting the old server for a couple of days (some were even hitting the old one after a week)...
My TTL for the DNS record is 86400s, but as I said, I could not figure out why it was taking so long for some to get the updated version. And, I am guessing that it is because either their ISP is caching that information, or probably their desktop is caching the information.
But, in any case, is there a way to avoid this or make it go faster and not wait for days?
No, the user will not be able to update the ISP's DNS servers. They will only be able to change how the local machine looks up records. Could you imagine the chaos if any end user could change the DNS entries of an ISP?
I have no idea what chaos you are talking about. What do you mean by users changing DNS entries of the ISP?
I was talking about updating the DNS cache of the ISP. For most caches, clients make a request to the cache instead of the original source, and the cache manager decides whether to return the existing entry in the cache, or refresh/refetch the entry, then return that one. This decision is made by considering many factors! If one of these factors is to check incoming NS traffic and the cache is sophisticated, then a user's lookup might be an initiative for the DNS cache to update itself...
For example, if the ISP can see that there is a manual inquiry on some domain name, it might opt to invalidate that entry in its cache, and the next request will fetch the current value. In this case, there is no direct effect of the user on the ISP cache, it is just a means of catching hints from here and there.
I apologize if I was misunderstanding what you were asking. Here it is in a nutshell. The user is not going to be able to initiate the ISP's name servers to look up new information. The ISP has their interval update set.
If the user could initiate that, it could still be exploited with a proper script. You could make an ISP's name servers constantly query for updates, essentially flooding out valid requests.
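
The caching behaviour discussed in this thread, as an added example that is not part of any post: a small simulation of a resolver that answers from its cache until the entry expires, using the 86400s TTL from the question. The class and function names, the 192.0.2.x addresses and the `ttl_floor` knob (a hypothetical resolver that holds records longer than the published TTL) are assumptions made for illustration.

```python
TTL = 86400  # seconds, the TTL stated in the question

class Authoritative:
    """Zone with one A record that changes at `switch_at` (constructed data)."""
    def __init__(self, old_ip, new_ip, switch_at, ttl=TTL):
        self.old_ip, self.new_ip = old_ip, new_ip
        self.switch_at, self.ttl = switch_at, ttl

    def query(self, now):
        ip = self.new_ip if now >= self.switch_at else self.old_ip
        return ip, self.ttl

class CachingResolver:
    """Answers from cache until the entry expires; client queries never refresh it."""
    def __init__(self, upstream, ttl_floor=0):
        self.upstream = upstream
        self.ttl_floor = ttl_floor  # hypothetical resolver-imposed minimum TTL
        self.ip, self.expires, self.upstream_queries = None, -1, 0

    def resolve(self, now):
        if self.ip is None or now >= self.expires:
            self.ip, ttl = self.upstream.query(now)
            self.expires = now + max(ttl, self.ttl_floor)
            self.upstream_queries += 1
        return self.ip

def simulate(interval, ttl_floor=0, first_query=3000, switch_at=3600, days=10):
    """Clients query every `interval` seconds for `days` days.
    Returns (seconds after the switch that the old IP was last served,
             number of queries the resolver sent upstream)."""
    auth = Authoritative("192.0.2.10", "192.0.2.20", switch_at)
    res = CachingResolver(auth, ttl_floor)
    last_stale = None
    for t in range(first_query, days * 86400, interval):
        if res.resolve(t) == auth.old_ip:
            last_stale = t
    stale = None if last_stale is None else last_stale - switch_at
    return stale, res.upstream_queries

if __name__ == "__main__":
    for label, kw in [("clients every 10 min", dict(interval=600)),
                      ("clients every 1 min", dict(interval=60)),
                      ("7-day TTL floor", dict(interval=600, ttl_floor=7 * 86400))]:
        stale, upstream = simulate(**kw)
        print(f"{label:22s} stale for {stale / 3600:6.1f} h, {upstream} upstream queries")
```

Querying ten times as often leaves the upstream query count unchanged and does not shorten the stale window, which stays just under one TTL; only a resolver that keeps entries past the published TTL produces the week-long tail.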