[dns-operations] Prime TTL values for TLD and root server delegations.
Colm MacCárthaigh
colm at stdlib.net
Mon Dec 21 17:05:46 UTC 2009
2009/12/21 Colm MacCárthaigh <colm at stdlib.net>:
> No doubt, this question has been asked before - but I can't seem to
> find a good, documented, answer for it;
>
> Why aren't the TTLs on NS delegations served by root servers and TLD
> operators prime numbers?
>
> colmmacc at caer (~) $ dig www.example.com @k.root-servers.net
> ...
> com. 172800 IN NS a.gtld-servers.net.
>
> colmmacc at colmmacc (~) $ dig www.example.com @a.gtld-servers.net.
> ...
> example.com. 172800 IN NS a.iana-servers.net.

I forgot to add some more detail;

The TTL on the A records for the gtld servers is also 172800;

a.gtld-servers.net. 172800 IN A 192.5.6.30

The TTL on the A records for the zone servers is a whole divisor - 21600;

a.iana-servers.net. 21600 IN A 192.0.34.43

and finally, the TTL for www.example.com is itself 172800;

www.example.com. 172800 IN A 192.0.32.10

So, when the priming query is in-phase, the following all expire at
the same time;

NS records for .
NS records for com.
NS records for example.com.
A record for a.gtld-servers.net.
A record for a.iana-servers.net.
A record for www.example.com

making www.example.com a great example of the disastrous caching
mis-alignment anti-pattern. It only affects 1 query in very many, but
the behaviour becomes very bi-modal. If these were each prime numbers,
the occurrence would only happen a few times per universe-lifetime.

Just wondering :-)
--
Colm
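
Added example, not part of the original message: a small Python model of the in-phase expiry described above, comparing the TTLs quoted in the message with a hypothetical set of distinct prime TTLs just below them. It assumes every record is cached at t=0 and re-fetched the instant it expires; the root NS TTL is not quoted in the message, so that record set is left out, and all function names are illustrative.

```python
from math import lcm

# TTLs in seconds, exactly as quoted in the message above.
PAGE_TTLS = {
    "com. NS": 172800,
    "example.com. NS": 172800,
    "a.gtld-servers.net. A": 172800,
    "a.iana-servers.net. A": 21600,
    "www.example.com. A": 172800,
}

def is_prime(n):
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True

def distinct_prime_ttls(ttls):
    """Hypothetical alternative: largest unused prime <= each original TTL."""
    used, out = set(), {}
    for name, ttl in ttls.items():
        p = ttl
        while p in used or not is_prime(p):
            p -= 1
        used.add(p)
        out[name] = p
    return out

def realignment_period(ttls):
    """Seconds until every record expires at the same instant again."""
    return lcm(*ttls.values())

def joint_expiries(ttls, horizon):
    """Count instants in (0, horizon] at which all records expire together."""
    step = max(ttls.values())  # a joint expiry is also an expiry of the longest TTL
    return sum(1 for t in range(step, horizon + 1, step)
               if all(t % ttl == 0 for ttl in ttls.values()))

if __name__ == "__main__":
    month = 30 * 86400
    for label, ttls in (("as served", PAGE_TTLS),
                        ("distinct primes", distinct_prime_ttls(PAGE_TTLS))):
        years = realignment_period(ttls) / (365.25 * 86400)
        print(f"{label}: {joint_expiries(ttls, month)} joint expiries in 30 days, "
              f"realigns every {years:.3g} years")
```

With the quoted TTLs the whole chain realigns every 172800 seconds; with distinct primes the realignment period is the product of the TTLs.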