North American Network Operators Group

Re: Jonathan Yarden @ TechRepublic: Disable DNS caching on workstations

  • From: Jason Frisvold
  • Date: Mon Apr 18 16:06:24 2005

On 4/18/05, Mikael Abrahamsson <[email protected]> wrote:
> It would be very interesting to see the difference in DNS traffic for a
> domain if it sets TTL to let's say 600 seconds or 86400 seconds. This
> could perhaps be used as a metric in trying to figure out the impact of
> capping the TTL? Anyone know if anyone did this on a large domain and have
> some data to share?

Our first foray into DNS was using a DNS server that defaulted to
86400 for new entries..  Not being seasoned, we left this alone.. 
Unfortunately, I don't have any hard data from that dark time in our

Windows 2000 DNS seems to set the TTL to 3600, which is a tad on the
low side, I think...  At least for mostly-static domains, anyways. 
But I believe the reasoning there was that they depended heavily on
dynamic dns..

> If one had to repeat the cache poisoning every 10 minutes I guess life
> would be much harder than if you had to do it once every day?

I dunno..  how hard is it to poison a cache?  :)

> --
> Mikael Abrahamsson    email: [email protected]

Jason 'XenoPhage' Frisvold
[email protected]