On Wed, Apr 16, 2014 at 2:25 PM, Jimmy Hess <mysidia@gmail.com> wrote:
> It's not hard to use WHOIS to look up the registrar of each of the nameservers for proofpoint.com (ns1.proofpoint.us, ns3.proofpoint.us).
> Long TTLs are appropriate for a production zone, but in my estimation, it is improper for a registrar to impose or select by default a TTL longer than 1 hour, for a newly published or newly changed zone.
> The TTL can and should be reasonably low initially and automatically increased gradually over time, only after the zone has aged with no record changes and confidence is increased that the newly published zone is correct.
There was a study on an unrelated topic presented at a NANOG or ARIN meeting a few years back. I don't recall the exact details. The interesting bit was the analysis they did on DNS caching to see the impact from varying the TTL. I don't remember the exact numbers, but short TTLs exhibited only a small increase in query rate over long ones.

There's really no driving need to set the TTL higher than 1 hour, ever, under any circumstances.

-Bill

--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004