Efficacy of using short timeout values for an A record
Marc Lampo
marc.lampo at eurid.eu
Wed Feb 15 08:38:15 UTC 2012
More or less!

While I don't think it's a bug - I actually like the good feature! - BIND does allow changing some values in replies to make them "more reasonable".

With respect to "TTL", there are:

max-ncache-ttl : max negative cache time
(defaults to 3 hours - with built-in, not changeable, max of 7 days)

and

max-cache-ttl : max positive cache time
(defaults to 7 days)

(Other values that can be "corrected" are max and min refresh and retry times, thus protecting a slave server from "unreasonable" values sent by the master. Recommended!)

Kind regards,
Marc Lampo
Security Officer
EURid (for the .eu tld)
-----Original Message-----
From: Alan Clegg [mailto:alan at clegg.com]
Sent: 14 February 2012 08:11 PM
To: bind-users at lists.isc.org
Subject: Re: Efficacy of using short timeout values for an A record
On 2/14/2012 1:42 PM, Chuck Swiger wrote:
> ISC's BIND has (or had) a MINTTL value of 5 minutes / 300 seconds.
> It's probably unreasonable to expect other platforms to refetch DNS
> records faster than that.
Uh... no. BIND has always respected TTL when caching information.
AlanC
--
alan at clegg.com | 1.919.355.8851
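
The options named in the reply above, shown together as an added example that is not part of the original thread: a `named.conf` fragment for a server that both caches and acts as a slave. All numeric values are constructed for illustration; `min-refresh-time`, `max-refresh-time`, `min-retry-time` and `max-retry-time` are the BIND 9 statement names for what the message calls "max and min refresh and retry times".

```conf
// named.conf fragment (added example; values are constructed, in seconds)
options {
    // Upper bound on how long a positive answer may stay in the cache.
    // Default per the message above: 7 days (604800).
    max-cache-ttl 86400;        // cap at 1 day

    // Upper bound on how long a negative answer may stay in the cache.
    // Default per the message above: 3 hours (10800); built-in limit 7 days.
    max-ncache-ttl 3600;        // cap at 1 hour

    // Clamp the SOA refresh and retry timers a master hands to this slave,
    // so an unreasonable SOA neither floods the master with queries
    // nor leaves the slave serving stale data for weeks.
    min-refresh-time 300;       // never refresh more often than every 5 min
    max-refresh-time 86400;     // never wait longer than 1 day to refresh
    min-retry-time 300;         // never retry more often than every 5 min
    max-retry-time 14400;       // never wait longer than 4 hours to retry
};
```

The two cache options are ceilings only: a record whose TTL is below the cap is cached for its own TTL. The refresh and retry statements can also be set per zone inside a `zone` block.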