[olug] DNS Cut Over -- TTL vs. Expires

Sean Kelly smkelly at zombie.org
Wed Feb 14 17:49:32 UTC 2007


On Wed, Feb 14, 2007 at 11:21:05AM -0600, Jeff Hinrichs wrote:
> I am confused between Time To Live (TTL) and Expires. (that is what
> happens when you only occasionally have to monkey with your DNS servers
> ;[) Do I need to decrease both of them or just one or the other?
> Currently:
> 
> TTL = 38400 seconds
> Expiry = 604800 seconds

The expiry number tells other secondary/slave nameservers how long they
should service requests for your zone when they've not been able to contact
the primary and get updates within the refresh/retry periods. This only
applies to secondary/slave nameservers.

The TTL is the time-to-live for each RR by nameservers across the Internet
as they resolve and cache records for your zone. This is the one that has a
greater impact on your zone, assuming your primary nameserver doesn't
vanish a lot. It is this value that really controls how long it takes for
the Internets to notice a change to a RR.

I've had TTLs dropped to as low as 5 minutes during periods when we know
we're about to transition some critical service. Our standard TTL is 86400
(1 day), so we'll drop the TTL to 300 a day or two ahead of our change and
then push it back up after the change.

-- 
Sean Kelly          | PGP KeyID: D2E5E296
smkelly at smkelly.org | http://www.smkelly.org
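
Added example, not part of the original message: it reads the two timers discussed above out of a zone file and works out the deadlines for the "drop the TTL ahead of the change" procedure. The zone names, serial, refresh/retry values, cut-over date and the `secondary_lag` parameter are constructed assumptions; the TTL and expire values are the ones quoted in the thread.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed zone: names, serial, refresh and retry are placeholders;
# $TTL and expire are the values quoted in the thread.
ZONE = """\
$TTL 38400
example.org. IN SOA ns1.example.org. hostmaster.example.org. (
        2007021401 ; serial
        10800      ; refresh
        3600       ; retry
        604800     ; expire (secondaries only)
        38400 )    ; negative-caching TTL
www IN A 192.0.2.10
"""

def parse_timers(zone_text):
    """Return the default record TTL and the SOA timers, in seconds."""
    text = re.sub(r";[^\n]*", "", zone_text)          # strip zone comments
    ttl = int(re.search(r"^\$TTL\s+(\d+)", text, re.M).group(1))
    soa = re.search(r"\bSOA\s+\S+\s+\S+\s*\(([^)]*)\)", text)
    names = ("serial", "refresh", "retry", "expire", "minimum")
    timers = dict(zip(names, map(int, soa.group(1).split())))
    timers["ttl"] = ttl
    return timers

def cutover_plan(cutover, old_ttl, low_ttl, secondary_lag=0):
    """Work out the two deadlines around a planned record change.

    secondary_lag (hypothetical parameter): worst-case seconds before every
    secondary serves the edited zone, e.g. the SOA refresh without NOTIFY.
    """
    lag = timedelta(seconds=secondary_lag)
    return {
        # Publish the low TTL no later than this, so every cached copy
        # carrying the old TTL has expired by the cut-over.
        "lower_ttl_by": cutover - lag - timedelta(seconds=old_ttl),
        # After the change, caches can hold the old answer until this time.
        "old_answer_gone_by": cutover + lag + timedelta(seconds=low_ttl),
    }

if __name__ == "__main__":
    t = parse_timers(ZONE)
    when = datetime(2007, 2, 16, 18, 0, tzinfo=timezone.utc)  # constructed date
    for step, at in cutover_plan(when, t["ttl"], 300, t["refresh"]).items():
        print(f"{step}: {at:%Y-%m-%d %H:%M} UTC")
    print("expire plays no part in the plan:", t["expire"], "s")
```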


