Expiration TTLs

Chris Buxton chris.p.buxton at gmail.com
Mon Dec 3 00:41:05 UTC 2012

On Dec 1, 2012, at 12:17 PM, Paul Romano wrote:

> What is a good compromise on zone expiration TTLs?  Our DNS is authoritative for AD DNS and we want to make sure we force records to refresh but do not want to expose ourselves to the risk of zone failures.

The zone expiration timer is not a TTL timer. The two are different.

Zone expiration should usually be at least a week. I've set mine to 6 weeks. This timer has nothing to do with the refresh interval, which is also defined in the SOA record.

Chris Buxton
BlueCat Networks

More information about the bind-users mailing list