[dns-resolver-tf] Default max-ttl (was: Final final draft of RIPE DNS Resolver Best Common Practices)
- Previous message (by thread): [dns-resolver-tf] Final final draft of RIPE DNS Resolver Best Common Practices
- Next message (by thread): [dns-resolver-tf] Default max-ttl (was: Final final draft of RIPE DNS Resolver Best Common Practices)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Shane Kerr
shane at time-travellers.org
Fri Mar 29 21:09:15 CET 2024
Tim, On 24/03/2024 20.00, Tim Wicinski wrote: > Some more and apologies as I was thinking the updates were in the git > repo which was what confused me. > > > ### TTL Recommendations > > Software typically defaults to a maximum stored TTL of 1 or 2 days. > A lower TTL will mean removing rarely-used records that have long TTL, > and should not have much operational impact from a CPU or network > point of view > > Where did this 1 or 2 days come from? From most s/w I've seen the default > max-cache-ttl is a few hours. For defaults... It came from a vague memory of mine from a DNS OARC presentation in the mists of history. I recall some presentation where someone measured this and found that most cache entries disappeared after 1 day, and everything else except for a rounding error after 2 days. Neither DuckDuckGo nor Qwant seem to be able to help me find said presentation, so it might be a LLM-style hallucination in my brain. I did check defaults from various open source resolvers: BIND uses 1 week: https://bind9.readthedocs.io/en/stable/reference.html#namedconf-statement-max-cache-ttl Unbound uses 1 day: https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound.conf.html Knot Resolver uses 1 day: https://knot-resolver.readthedocs.io/en/stable/daemon-bindings-cache.html#cache.max_ttl PowerDNS Recursor uses 1 day: https://doc.powerdns.com/recursor/settings.html#max-cache-ttl Cheers, -- Shane -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_0x3732979CF967B306.asc Type: application/pgp-keys Size: 11519 bytes Desc: OpenPGP public key URL: <https://lists.ripe.net/ripe/mail/archives/dns-resolver-tf/attachments/20240329/70e83470/attachment.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature.asc Type: application/pgp-signature Size: 840 bytes Desc: OpenPGP digital signature URL: <https://lists.ripe.net/ripe/mail/archives/dns-resolver-tf/attachments/20240329/70e83470/attachment.sig>
- Previous message (by thread): [dns-resolver-tf] Final final draft of RIPE DNS Resolver Best Common Practices
- Next message (by thread): [dns-resolver-tf] Default max-ttl (was: Final final draft of RIPE DNS Resolver Best Common Practices)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]