Matus UHLAR - fantomas
uhlar at fantomas.sk
Fri Feb 9 08:17:12 UTC 2018
>Am 09.02.2018 um 07:02 schrieb sthaug at nethelp.no:
>>Yesterday I measured, on our busiest resolvers, the amount of replies
>>with TTL=0 the resolvers received (from the authoritative servers).
>>Turns out we receive around 2.3 percent replies with TTL=0. This is
>>a percentage I can live with, and I see no reason to artificially
>>inflate the TTL.
>>That being said - if the percentage had been significantly higher, I
>>would feel it was perfectly reasonable to set a minimum TTL of for
>>instance 10s. I agree that this is a decision for each operator.
On 09.02.18 08:21, Reindl Harald wrote:
>and i can tell you from where they are coming:
>CISCO router with "DNS-ALG" between primary and slave writing in
>front of every CNAME explicit a TTL 0 statement - was there and it
>takes a long time until you realize that your slave repsonds with
>differnt data as you configured
which, in advance, hugely increases the amount of DNS queries sent by
clients for hosts that are widely used. That can backfire and hugely
increase load (session count) on those cisco routers.
Using min-ttl would help much there. And it's the part that can be fixed on
side of BIND without waiting for network admins.
been there too...
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I don't have lysdexia. The Dog wouldn't allow that.
More information about the bind-users