[dns-operations] TTL=0; Last known good answer (Re: dns retries amplify attack)

Tony Finch dot at dotat.at
Wed Oct 26 09:01:32 UTC 2016

Paul Vixie <paul at redbarn.org> wrote:
> i think that even www.google.com/a, which holds the record for all time
> most popular rrset, would have good amortization of its cache miss costs
> if it had an 18-hour reuse period.
> especially if it was refreshed every 1.8 hours. you gotta do the math
> before you decide that sub-day max-ttl isn't long enough. "for what?"

There are two kinds of records in the DNS: end-user records like
www.google.com, and delegation records (NS, glue). End-user records often
have short TTLs (minutes) for agility, but delegation records have
relatively long TTLs (days) to minimize latency from iterative lookups.

Has anyone published a more recent version of this study of DNS cache
effectiveness? http://www.nms.lcs.mit.edu/papers/dns-ton2002.pdf

f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Tyne, Dogger, Fisher, German Bight, Humber: West or southwest 4 or 5,
increasing 6 at times. Slight or moderate. Showers. Good.

More information about the dns-operations mailing list