[dns-operations] Quick analysis of TLD SOA's

Geoffrey Sisson geoff at dns-oarc.net
Wed Jul 13 16:44:55 UTC 2011

Jake Zack <jake.zack at cira.ca> wrote:

> And NegTTL expire times...more than half are set to 3 hours or less.

The 114 TLDs that have negative TTLs of 86400 (1 day) and 172800
(2 days) are presumably doing so because they're using pre-RFC 2308
semantics for the MINIMUM field.  86400 and 172800 used to be common
recommendations when MINIMUM meant, among other things, the minimum
TTL value of all RRs in the zone.  RFC 2308 advises that negative
TTL values "of one to three hours have been found to work well and
would make [sensible defaults]".

Last time I checked, the most common name server implementations
enforced a negative caching limit of three hours or less (by default)
no matter what was in the SOA.

At least the TLDs are doing better than most SLDs in .com, .org and .net.
In last year's Measurement Factory survey we found only 22% of zones
with negative TTL values in the "sensible" range:


[Section 14, "SOA Values"]
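Added example, not part of the original message: a short Python check that derives the negative-caching TTL a zone publishes under RFC 2308 (the lower of the SOA record's own TTL and its MINIMUM field) and compares it with the one-to-three-hour range quoted above. The SOA lines are constructed samples, and the three-hour resolver cap is an assumption based on the limit mentioned in the message.

```python
# Added example. SOA lines are constructed samples, not real TLD data.
SAMPLE_SOAS = """\
example-a. 86400 IN SOA ns1.example-a. hostmaster.example-a. 2011071301 1800 900 604800 86400
example-b. 900 IN SOA ns1.example-b. hostmaster.example-b. 2011071301 3600 600 1209600 172800
example-c. 3600 IN SOA ns1.example-c. hostmaster.example-c. 2011071301 7200 900 604800 3600
example-d. 86400 IN SOA ns1.example-d. hostmaster.example-d. 2011071301 7200 900 604800 300
"""

SENSIBLE_RANGE = (3600, 10800)  # RFC 2308: one to three hours
RESOLVER_CAP = 10800            # assumption: three-hour resolver-side limit


def parse_soa(line):
    """Return (owner, record_ttl, minimum) from a single-line SOA record."""
    fields = line.split()
    if len(fields) != 11 or [x.upper() for x in fields[2:4]] != ["IN", "SOA"]:
        raise ValueError(f"not a single-line SOA record: {line!r}")
    return fields[0], int(fields[1]), int(fields[10])


def negative_ttl(record_ttl, minimum):
    """RFC 2308: negative answers are cached for min(SOA TTL, SOA MINIMUM)."""
    return min(record_ttl, minimum)


def analyse(text, cap=RESOLVER_CAP):
    """Return (owner, published, effective, verdict) for each SOA line."""
    low, high = SENSIBLE_RANGE
    rows = []
    for line in filter(str.strip, text.splitlines()):
        owner, record_ttl, minimum = parse_soa(line)
        published = negative_ttl(record_ttl, minimum)
        if published > high:
            verdict = "above range"
        elif published < low:
            verdict = "below range"
        else:
            verdict = "sensible"
        rows.append((owner, published, min(published, cap), verdict))
    return rows


if __name__ == "__main__":
    for owner, published, effective, verdict in analyse(SAMPLE_SOAS):
        print(f"{owner:<12} published={published:>6}s "
              f"effective={effective:>5}s  {verdict}")
```

The second sample shows why MINIMUM alone is not enough to judge a zone: a 172800 MINIMUM paired with a 900-second SOA TTL yields a published negative TTL of only 900 seconds.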

