[olug] DNS Cut Over -- TTL vs. Expires

Jeff Hinrichs JeffH at delasco.com
Wed Feb 14 21:16:31 UTC 2007


-----Original Message-----
From: olug-bounces at olug.org [mailto:olug-bounces at olug.org] On Behalf Of
Sean Kelly
Sent: Wednesday, February 14, 2007 11:50 AM
To: Omaha Linux User Group
Subject: Re: [olug] DNS Cut Over -- TTL vs. Expires

On Wed, Feb 14, 2007 at 11:21:05AM -0600, Jeff Hinrichs wrote:
> I am confused between Time To Live (TTL) and Expires. (that is what 
> happens when you only occasionally have to monkey with your DNS 
> servers
> ;[) Do I need to decrease both of them or just one or the other?
> Currently:
> TTL = 38400 seconds
> Expiry = 604800 seconds

The expiry number tells other secondary/slave nameservers how long they
should service requests for your zone when they've not been able to
contact the primary and get updates within the refresh/retry periods.
This only applies to secondary/slave nameservers.

The TTL is the time-to-live for each RR by nameservers across the
Internet as they resolve and cache records for your zone. This is the
one that has a greater impact on your zone, assuming your primary
nameserver doesn't vanish a lot. It is this value that really controls
how long it takes for the Internets to notice a change to a RR.

I've had TTLs dropped to as low as 5 minutes during periods when we know
we're about to transition some critical service. Our standard TTL is
(1 day), so we'll drop the TTL to 300 a day or two ahead of our change
and then push it back up after the change.

That is exactly what I hoped to hear.  I'd been reading through the
grasshopper book but I still wanted a sanity check.  Thanks Sean.
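
The timing discussed in this thread, worked through for the TTL and expiry values from the original question (an added example, not part of the original messages). The zone names, serial, refresh, retry and negative-cache values are assumptions, as is the `notify_works` switch for whether secondaries pick up changes immediately.

```python
import re

# Constructed zone: $TTL and expire are the values quoted in the thread;
# names, serial, refresh, retry and negative-cache TTL are assumptions.
ZONE = """\
$TTL 38400
@ IN SOA ns1.example.com. hostmaster.example.com. (
        2007021401 ; serial
        10800      ; refresh
        3600       ; retry
        604800     ; expire
        38400 )    ; negative-cache TTL
www IN A 192.0.2.10
"""

def parse_zone_timers(text):
    """Return the default TTL and SOA timers from a BIND-style zone file."""
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    ttl = re.search(r"^\$TTL\s+(\d+)[ \t]*$", text, re.M)
    soa = re.search(r"\bSOA\s+\S+\s+\S+\s*\(?\s*((?:\d+\s+){4}\d+)", text)
    if not ttl or not soa:
        raise ValueError("zone needs a numeric $TTL and a five-field SOA")
    serial, refresh, retry, expire, minimum = map(int, soa.group(1).split())
    return {"ttl": int(ttl.group(1)), "serial": serial, "refresh": refresh,
            "retry": retry, "expire": expire, "minimum": minimum}

def cutover_plan(timers, low_ttl=300, notify_works=False):
    """Worst-case waits, in seconds, for lowering the TTL ahead of a change."""
    # A secondary that misses NOTIFY serves its old copy until the next refresh.
    lag = 0 if notify_works else timers["refresh"]
    return {
        # Caches filled just before the low TTL was published keep the old TTL.
        "wait_after_lowering_ttl": lag + timers["ttl"],
        "stale_after_change": lag + low_ttl,
        "stale_without_lowering": lag + timers["ttl"],
        # Expire only matters if the primary is unreachable from a secondary.
        "secondary_gives_up_after": timers["expire"],
    }

if __name__ == "__main__":
    for name, secs in cutover_plan(parse_zone_timers(ZONE)).items():
        print(f"{name:26s} {secs:>7d} s  ({secs / 3600:.1f} h)")
```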

