[dns-operations] EC2 resolver changing TTL on DNS answers?
Paul Hoffman
phoffman at proper.com
Tue Nov 28 16:37:29 UTC 2017
On 28 Nov 2017, at 7:15, Andrew Sullivan wrote:

> What's wrong with this?

In short, what's wrong is that 172800 is so much larger than 60 they
seem disconnected.

Does Amazon cap every TTL at 60? (This might be the case; I don't
currently have a way to check.)

Making the TTL for NS records for a stable TLD like .nl
three-and-a-quarter orders of magnitude shorter seems wrong. It says
that Amazon believes that it knows better than the operator of a stable
TLD what the users of that TLD would want. And, if the caps are not
identical for every zone, it could seem punitive to some zone operators.

> The TTL isn't an instruction, it's a constraint. "Don't cache longer
> than $ttl," not, "Cache for $ttl."

That's completely true, but not all that relevant to "What's wrong with
this?". When given an option, taking an almost pathological extreme
seems wrong.

--Paul Hoffman