[dns-operations] Who Ignores TTLs ?
Ed.Lewis at neustar.biz
Thu Feb 17 15:12:13 UTC 2011
At 15:01 +1300 2/17/11, Simon Lyall wrote:
>I keep seeing a persistent complaint that some DNS caching operators
>ignore TTLs or otherwise keep records for longer than the TTL would indicate.
I'll be a pest and point out two examples, which are probably not
what you have in mind.

Old products - Years ago I knew of some $vendor equipment that
ignored it, the $vendor fixed it. The point is not the specific
equipment, but there will be "old stuff" to watch out for.

Applications just doing their job - SSH does not shut down
connections when the TTL of the address records involved expires. I
mention this to help scope the concern - expired TTL information may
persist for a long time. This doesn't sound like your concern, but
it could make it look like the caches are extending TTLs. (Same
applies to DNSSEC signature expiration times, etc.)

NeuStar You can leave a voice message at +1-571-434-5468
Me to infant son: "Waah! Waah! Is that all you can say? Waah?"