Hello,
DESEC’s ttl has a setting range of [3600,86400],which might cause problem when dns update need to be frequent,or want to cache for a long time to speed up resolve.Thus,might better to widthen the range.
This is a non issue. When a dynamic DNS update is pushed the ttl is automatically 60.
2 Likes
TTLs larger than a day have no practical advantage in terms of resolution speed. (If your domain is resolved frequently, it will be in the cache almost always anyway. And if it is not frequently resolved and the resolver does not have it in the cache, lookup latency is largely independent of TTL.)
However, TTLs larger than a day make it difficult to change things like DNSSEC settings. (The change process for many DNSSEC aspects takes a multiple of the largest TTL in the zone.) We thus don’t see a reason to increase the range towards longer TTLs.
For short ones, as @edgeintegrated said, updates using our DynDNS update interface use TTL of 60s. Otherwise, you can always email support with an explanation why you need special TTLs.
Stay secure,
Peter
3 Likes
Hi!
I agree that longer TTLs are not needed. However, shorter TTLs should IMHO be possible for regular domains via UI:
When you have to make changes in your infrastructure, like moving to another server and the like, it is quite common to set a TTL of 60s a day before the move so you have a rather clear cut between when which server will be used.
AFAIK many (if not most or all) major IT-providers do it just like that.
And very large IT-companies have load balancers that allow for the same fine grained control over the DNS