[171039] in North American Network Operators' Group
Re: AT&T / Verizon DNS Flush?
Wed Apr 16 16:00:55 2014
In-Reply-To: <CAAAwwbUBj_44raVTh90JnEoS=O=nJxLyPTXmBbMYzvqk5pTLcw@mail.gmail.com>
From: William Herrin <bill@herrin.us>
Date: Wed, 16 Apr 2014 15:59:50 -0400
To: Jimmy Hess <mysidia@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
On Wed, Apr 16, 2014 at 2:25 PM, Jimmy Hess <mysidia@gmail.com> wrote:
> It's not hard to use WHOIS to lookup the registrar of each of the
> nameservers for proofpoint.com
> (ns1.proofpoint.us, ns3.proofpoint.us).
>
> Long TTLS are appropriate for a production zone, but in my
> estimation, it is improper for
> a registrar to impose or select by default a TTL longer than 1 hour,
> for a newly published or newly changed zone.
>
> The TTL can and should be reasonably low initially and
> automatically increased gradually over time,
> only after the zone has aged with no record changes and confidence is
> increased
> that the newly published zone is correct.
There was a study on an unrelated topic presented at a NANOG or ARIN
meeting a few years back. I don't recall the exact details. The
interesting bit was the analysis they did on DNS caching to see the
impact from varying the TTL. I don't remember the exact numbers, but
short TTLs exhibited only a small increase in query rate over long
ones.
There's really no driving need to set the TTL higher than 1 hour,
ever, under any circumstances.
-Bill
--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
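The quoted proposal (start a new or freshly changed zone at a low TTL and raise it only as the zone ages unchanged) and the reply's one-hour ceiling can be expressed as a small publishing policy. The following is an added example written for this archive page, not code from either poster or from any registrar; the starting TTL, the doubling period, the record tuple layout and the example.com data are all assumptions chosen for illustration.

```python
"""Age-based TTL policy for a DNS zone (added illustration, not list code)."""
import hashlib
from dataclasses import dataclass

MIN_TTL = 300               # assumed: TTL for a newly published or just-changed zone
MAX_TTL = 3600              # one hour, the ceiling argued for in the thread
DOUBLING_PERIOD = 6 * 3600  # assumed: TTL doubles for every 6h the zone stays unchanged


def ramped_ttl(age_seconds, min_ttl=MIN_TTL, max_ttl=MAX_TTL,
               doubling_period=DOUBLING_PERIOD):
    """TTL to publish for a zone whose records last changed age_seconds ago."""
    if age_seconds < 0:
        raise ValueError("zone age cannot be negative")
    doublings = min(int(age_seconds // doubling_period), 32)  # bound the shift
    return min(min_ttl * (2 ** doublings), max_ttl)


def zone_fingerprint(records):
    """Order-independent hash of (owner, type, rdata) triples; any edit changes it."""
    canon = sorted((name.lower(), rtype.upper(), rdata) for name, rtype, rdata in records)
    return hashlib.sha256(repr(canon).encode("utf-8")).hexdigest()


@dataclass
class ZonePublisher:
    """Tracks when the zone content last changed and assigns TTLs accordingly."""
    fingerprint: str = ""
    last_change: float = 0.0

    def publish(self, records, now):
        """Return (owner, ttl, type, rdata) tuples; a content change resets the clock."""
        fp = zone_fingerprint(records)
        if fp != self.fingerprint:
            self.fingerprint = fp
            self.last_change = now
        ttl = ramped_ttl(now - self.last_change)
        return [(name, ttl, rtype, rdata) for name, rtype, rdata in records]


def ttl_violations(rrset, max_ttl=MAX_TTL):
    """Lint check: records whose TTL exceeds the agreed ceiling."""
    return [(name, ttl) for name, ttl, _, _ in rrset if ttl > max_ttl]


# Constructed sample zone (example.com, RFC 5737 addresses), not real data.
SAMPLE_ZONE = [
    ("example.com.", "NS", "ns1.example.com."),
    ("example.com.", "NS", "ns2.example.com."),
    ("www.example.com.", "A", "192.0.2.10"),
]


def demo():
    """Publish the same zone three times: new, aged 12h, then edited (reset)."""
    t0 = 1_700_000_000.0  # arbitrary epoch seconds
    pub = ZonePublisher()
    ttl_new = pub.publish(SAMPLE_ZONE, t0)[0][1]
    ttl_aged = pub.publish(SAMPLE_ZONE, t0 + 2 * DOUBLING_PERIOD)[0][1]
    changed = SAMPLE_ZONE[:-1] + [("www.example.com.", "A", "192.0.2.20")]
    ttl_reset = pub.publish(changed, t0 + 3 * DOUBLING_PERIOD)[0][1]
    return ttl_new, ttl_aged, ttl_reset


if __name__ == "__main__":
    print(demo())  # (300, 1200, 300)
```

The fingerprint is computed over the record set rather than a serial number so that the ramp resets on any content change regardless of how the serial is managed; `ttl_violations` is the check a reviewer would run over a zone export to catch TTLs above the one-hour ceiling before they are cached far and wide.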