On 28/03/12 13:01, Cameron Bradley wrote:
> Hi All,
Hi Cameron,
> It has come to my attention in the course of moving the DNS for a number of domains that several of the ISPs in this country are mangling the TTLs on records queried by their recursive DNS servers. This behaviour seems to me to be undesirable in situations where someone may have set a record to a shorter TTL to facilitate smoother movement between hosting providers. In the cases I’m seeing, records with TTLs of 14400 are being handed out with TTLs of 86400 by the service provider’s servers.
In recent years DNS cache implementors have added functionalities to mangle TTLs on records living in the cache, for performance management. The functionalities are around setting minimum and maximum TTLs for records, if their original values are below/beyond a certain threshold. For example, if a record has a short TTL (300 seconds), then it is "stored" in the cache with a minimum TTL (1 hour) set by the operator. The same applies to records with large TTLs (a few days), which are put into the cache with a 1-day TTL. I'm not aware of how common this practice is, but the argument I heard is to ease the load in the cache in the case of low TTLs.
> How common is this practice, and what are the benefits to the SP from doing it? From my perspective there is also the concern that this, for all intents and purposes, appears to be bad practice, and serves to ‘break’ DNS in itself.
Effectively a good DNS administrator would like to control their TTL at their will (we do!) based on a rational process. For example, CDN operators use low TTL to quickly react to outages. But there is also lots of breakage out there caused by non-rational decisions. If you put a low TTL plus a nameserver with the wrong config, you can easily get a query storm in your cache.

Cheers,
> Regards,
> Cameron Bradley
--
Sebastian Castro
DNS Specialist
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 495 2337
mobile: +64 21 400535
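
The minimum/maximum TTL behaviour discussed in this thread can be recognised from outside by comparing the TTL published by the authoritative servers with the TTLs a recursive resolver returns over time. The following is an added example, not part of the original messages; the function names and the sample observations are constructed, and it assumes all answers come from a single cache.

```python
# Added example: classify how a recursive resolver treats a record's TTL.
# Each sample is (seconds since first query, TTL in the resolver's answer).

def stored_ttl_bounds(samples, slack=2):
    """Bound the TTL the cache stored the record with.

    A cached answer counts down, so the largest TTL seen is a lower bound.
    When the expiry time (t + ttl) moves later, the entry was re-fetched
    somewhere after the previous sample, which gives an upper bound.
    """
    low = max(ttl for _, ttl in samples)
    high = None
    for (t0, r0), (t1, r1) in zip(samples, samples[1:]):
        if t1 + r1 > t0 + r0 + slack:        # entry was re-fetched
            bound = r1 + (t1 - t0)           # re-fetch happened after t0
            high = bound if high is None else min(high, bound)
    return low, high

def classify(authoritative_ttl, samples):
    low, high = stored_ttl_bounds(samples)
    if low > authoritative_ttl:
        return "raised"      # resolver hands out more than the zone sets
    if high is not None and high < authoritative_ttl:
        return "capped"      # resolver stores less than the zone sets
    return "consistent"

if __name__ == "__main__":
    # Constructed observations, using the TTL values mentioned in the thread.
    cases = {
        "14400 served as 86400": (14400, [(0, 86400), (600, 85800)]),
        "300 floored to 1 hour": (300, [(0, 3600), (900, 2700)]),
        "3 days capped to 1 day": (259200, [(0, 40), (60, 86380)]),
        "honest countdown": (14400, [(0, 9000), (600, 8400)]),
        "honest re-fetch": (300, [(0, 120), (60, 60), (180, 250)]),
    }
    for name, (auth, samples) in cases.items():
        print(f"{name}: {classify(auth, samples)}")
```

A "raised" result is the case that delays a planned move between hosting providers, because the old address keeps being served after the zone owner's TTL has passed.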