[192226] in North American Network Operators' Group
Re: Dyn DDoS this AM?
daemon@ATHENA.MIT.EDU (Masood Ahmad Shah)
Sat Oct 22 19:32:15 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <F4E5C782-BBA5-421A-97FC-28CD47BA5E08@gmail.com>
From: Masood Ahmad Shah <masoodnt10@gmail.com>
Date: Sat, 22 Oct 2016 13:22:45 +1100
To: George William Herbert <george.herbert@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
>
> > On Oct 21, 2016, at 6:35 PM, Eitan Adler <lists@eitanadler.com> wrote:
> >
> > [...]
> >
> > In practice TTLs tend to be ignored on the public internet. In past
> > research I've been involved with browser[0] behavior was effectively
> > random despite the TTL set.
> >
> > [0] more specifically, the chain of DNS resolution and caching down to
> > the browser.
>
>
> Yes, but that it can be both better and worse than your TTLs does not mean
> that you can ignore properly working implementations.
>
> If the other end device chain breaks you that's their fault and out of
> your control. If your own settings break you that's your fault.
>
+1 to what George wrote that we should make efforts to improve our part of
the network. There are ISPs that ignore TTL settings and only update their
cached records every two to three days or even more (particularly the
smaller ones). OTOH, this results in your DNS data being inconsistent but
it’s very common to cache DNS records at multiple levels. It's an effort
that everyone needs to contribute to.
>
> Sent from my iPhone