[171038] in North American Network Operators' Group


Re: AT&T / Verizon DNS Flush?

daemon@ATHENA.MIT.EDU (Jimmy Hess)
Wed Apr 16 14:25:48 2014

In-Reply-To: <13537.1397667419@turing-police.cc.vt.edu>
From: Jimmy Hess <mysidia@gmail.com>
Date: Wed, 16 Apr 2014 13:25:04 -0500
To: Valdis Kletnieks <Valdis.Kletnieks@vt.edu>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Wed, Apr 16, 2014 at 11:56 AM,  <Valdis.Kletnieks@vt.edu> wrote:
> On Wed, 16 Apr 2014 10:21:34 -0600, Steven Briggs said:
>> Yeah...I know.  Unfortunately, the domain was "mishandled" by our
>> registrar, who imposed their own TTLs on our zone, THEN turned it back over
>> to us with a 48HR TTL.  Which is very bad.
>
> That's almost calling for a name-and-shame.

It's not hard to use WHOIS to look up the registrar of each of the
nameservers for proofpoint.com (ns1.proofpoint.us, ns3.proofpoint.us).

Long TTLs are appropriate for a production zone, but in my estimation,
it is improper for a registrar to impose or select by default a TTL
longer than 1 hour for a newly published or newly changed zone.

The TTL can and should be reasonably low initially and automatically
increased gradually over time, only after the zone has aged with no
record changes and confidence is increased that the newly published
zone is correct.

-- 
-JH
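
The ramp-up described in the message above, as an added sketch that is not part of the original post: it compares an age-based TTL policy with a fixed 48-hour TTL by reporting, for each zone change, how long resolvers may keep serving the previous data. The 300-second starting TTL, the doubling per quiet day and the sample change times are assumptions chosen for illustration; only the 48-hour figure comes from the thread.

```python
INITIAL_TTL = 300            # assumed starting TTL for a new or just-changed zone
MAX_TTL = 48 * 3600          # 48 h, the long TTL mentioned in the thread
QUIET_PERIOD = 24 * 3600     # assumed: each day without changes doubles the TTL


def ramped_ttl(age_seconds: int) -> int:
    """TTL to serve for a zone whose last record change was age_seconds ago."""
    if age_seconds < 0:
        raise ValueError("last change is in the future")
    quiet_days = age_seconds // QUIET_PERIOD
    # Double once per quiet day; bound the shift so the integer stays small.
    return min(INITIAL_TTL << min(quiet_days, 32), MAX_TTL)


def fixed_48h(age_seconds: int) -> int:
    """The policy the thread complains about: 48 h regardless of zone age."""
    return MAX_TTL


def change_exposure(change_times, policy):
    """For every change after the first publication, return (time, ttl) where
    ttl is the TTL served just before that change, i.e. the worst-case time
    caches can keep answering with the old (possibly wrong) records."""
    exposure = []
    for previous, current in zip(change_times, change_times[1:]):
        exposure.append((current, policy(current - previous)))
    return exposure


# Constructed timeline (seconds): publish, fix a mistake 2 h later,
# then a planned change 30 days after publication.
SAMPLE_CHANGES = [0, 2 * 3600, 30 * 24 * 3600]

if __name__ == "__main__":
    for name, policy in (("ramped", ramped_ttl), ("fixed 48h", fixed_48h)):
        for when, ttl in change_exposure(SAMPLE_CHANGES, policy):
            print(f"{name:10s} change at t={when:>8d}s: "
                  f"old data cached up to {ttl}s")
```

With the ramped policy the mistake fixed two hours after publication clears from caches within five minutes, while the fixed policy leaves it cached for up to two days; under these assumed values the ramp stays below one hour for the first three quiet days.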

