<div dir="ltr"><div><div>Disclaimer: I don't officially speak for the university.<br><br></div>Both here and in a previous job at a multi-national company, we tried to standardize on 30 minutes. The reason is that when a server has problems and someone comes running to us to get a DNS change to get the users working again, a half hour seems like a long time to be down, especially with manufacturing plants losing money at ridiculous rates for any downtime. I don't want to have to tell the user it will take hours or days for a DNS change, or ask him to find everyone around the world that happens to be trying to reach his service to tell them to reboot their PC or clear their DNS cache - that is generally impossible.<br>
<br></div>I realize that 30 minutes might increase the load on my DNS servers, but with modern servers I am generally buying the smallest server I can find for local DNS resolvers, and it is still bigger than I really need. (Although recent attacks have changed that.)<br>
<div><div><div><div class="gmail_extra"><br></div><div class="gmail_extra">Some users want faster updates, so some records are set to 5 minutes. And sites that do load balancing or sharing by changing DNS records use 0, 1, or 5 seconds. I try to avoid zero because I expect that some software won't handle that.<br>
</div><div class="gmail_extra"><br></div><div class="gmail_extra">We do not use DNSSEC yet, so I have no experience with that.<br></div><div class="gmail_extra"><br><div>-- <br>Bob Harold<br>DNS and DHCP, University of Michigan<br>
</div>
<br><br><div class="gmail_quote">Date: Thu, 7 Nov 2013 09:52:57 -0500<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
From: Edward Lewis &lt;<a href="mailto:ed.lewis@neustar.biz">ed.lewis@neustar.biz</a>&gt;<br>
To: DNS Operations &lt;<a href="mailto:dns-operations@lists.dns-oarc.net">dns-operations@lists.dns-oarc.net</a>&gt;<br>
Cc: Edward Lewis &lt;<a href="mailto:ed.lewis@neustar.biz">ed.lewis@neustar.biz</a>&gt;<br>
Subject: [dns-operations] Opinions sought .... have I come to the right place?<br>
Message-ID: &lt;<a href="mailto:0C72B731-82F9-4898-837F-3657EF0B6AAC@neustar.biz">0C72B731-82F9-4898-837F-3657EF0B6AAC@neustar.biz</a>&gt;<br>
<br>
I've been studying TTL settings off and on for a few weeks, trying to decide what are appropriate numbers.<br>
<br>
...<br></blockquote><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
So, I'm turning to this list...what is a good range for TTLs?<br>
<br>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-<br>
Edward Lewis<br>
NeuStar You can leave a voice message at <a href="tel:%2B1-571-434-5468" value="+15714345468">+1-571-434-5468</a><br>
<br></blockquote></div></div></div></div></div></div>