<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.apple-style-span
{mso-style-name:apple-style-span;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Keep in mind that most cache system are using Least Recent Used Algorithm for their cache without any removal of expired records. <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>So the reason that stuff gets thrown out is not because of TTL expiry, but rather because the cache is full. <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I don’t know your exact test setup, but that might be why you are seeing so many resolvers not respecting your TTL.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I think that is one of the reason why pre-fetching is giving such low gain. Every now and then you are going to prefetch something nobody wants on the expense of throwing out something that somebody actually later wanted. <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>/Stephan<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> dns-operations-bounces@lists.dns-oarc.net [mailto:dns-operations-bounces@lists.dns-oarc.net] <b>On Behalf Of </b>Wiley, Glen<br><b>Sent:</b> Thursday, November 07, 2013 9:18 AM<br><b>To:</b> Edward Lewis; DNS Operations<br><b>Subject:</b> Re: [dns-operations] Opinions sought .... have I come to the right place?<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>Be careful about conclusions you may draw from your data. <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>It may be helpful to remember that many large recursive implementations are comprised of a non-trivial footprint of hosts who may not share a cache across the network. In this case where you may find a TTL respected by a single host behind that recursive server VIP or even across multiple nodes at a single site behind the VIP it is possible that multiple successive queries land on dieffrent nodes with different caches.<o:p></o:p></span></p></div><div><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>-- <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>Glen Wiley<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>KK4SFV<o:p></o:p></span></p></div></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>Sr. Engineer<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>The Hive, Verisign, Inc.<o:p></o:p></span></p></div></div></div></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'><o:p> </o:p></span></p></div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:black'>From: </span></b><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:black'>Edward Lewis <<a href="mailto:ed.lewis@neustar.biz">ed.lewis@neustar.biz</a>><br><b>Date: </b>Thursday, November 7, 2013 9:52 AM<br><b>To: </b>DNS Operations <<a href="mailto:dns-operations@mail.dns-oarc.net">dns-operations@mail.dns-oarc.net</a>><br><b>Cc: </b>Edward Lewis <<a href="mailto:ed.lewis@neustar.biz">ed.lewis@neustar.biz</a>><br><b>Subject: </b>[dns-operations] Opinions sought .... have I come to the right place?<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'><o:p> </o:p></span></p></div><div><div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>I've been studying TTL settings off and on for a few weeks, trying to decide what are appropriate numbers.<br><br>In the past we taught the trade-off as - longer TTLs will reduce queries while shorter TTLs will enable agility.<br><br>In looking at a set of data with a long TTL - 6 days - over a period of time I noticed that 0.005% of all queriers respected the TTL setting I had. I don't want to fork over details, so you can even say "0.005% +/- 5%" and in any case, it's small. I'll admit by number here might be a little bit of an undercount, still, it's little.<br><br>In experimenting with some recursive servers (and by no means an exhaustive set), some code bases did adhere to the "rules" and some code bases seem to ignore the "rules." I say this to the extent that the collective set of deployed tools out there pretty much are eating into the "longer TTLs will reduce queries" part of the above trade-off.<br><br>I see that in the IETF there are drafts to pre-fetch expiring data sets - which one can't argue with - but it makes, for an authoritative server operator - even more uncertainty in planning TTLs.<br><br>And I'll throw in another factoid from history. During DNSSEC workshops eons ago, we found that is the TTLs got too low, DNSSEC had problems. (Presumably because it took longer to fetch the chain than the TTL of the queried data.) Has anyone found a TTL to be too low for DNSSEC?<br><br>So, I'm turning to this list...what is a good range for TTLs?<o:p></o:p></span></p><div><div><p class=MsoNormal><span style='font-size:13.5pt;font-family:"Helvetica","sans-serif";color:black'>-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-<span class=apple-style-span> </span></span><span class=apple-style-span><span style='font-size:13.5pt;font-family:"Helvetica","sans-serif"'><o:p></o:p></span></span></p><div><div><div><p class=MsoNormal><span style='font-size:13.5pt;font-family:"Helvetica","sans-serif";color:black'>Edward Lewis <br>NeuStar You can leave a voice message at +1-571-434-5468<br><br>Why is it that people who fear government monitoring of social media are</span><o:p></o:p></p></div><div><p class=MsoNormal><span style='font-size:13.5pt;font-family:"Helvetica","sans-serif";color:black'>surprised to learn that I avoid contributing to social media?<o:p></o:p></span></p></div></div></div></div></div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'><o:p> </o:p></span></p></div></div><div class=MsoNormal align=center style='text-align:center'><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'><hr size=1 width="100%" noshade style='color:#ACA899' align=center></span></div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><span style='font-size:10.5pt;font-family:"Calibri","sans-serif";color:black'>No virus found in this message.<br>Checked by AVG - <a href="http://www.avg.com">www.avg.com</a><br>Version: 2014.0.4158 / Virus Database: 3629/6816 - Release Date: 11/07/13<o:p></o:p></span></p></div></body></html>