On Wed, Jan 3, 2018 at 5:58 PM, Mik J <mikyde...@yahoo.fr> wrote: > Thank you Bob for your answer. > I continued to search and saw rfc1912 page 4 > It's much higher than I first thought > > > > Le mercredi 3 janvier 2018 à 20:05:57 UTC+1, Bob Harold < > rharo...@umich.edu> a écrit : > > > > On Wed, Jan 3, 2018 at 1:57 PM, Mik J via bind-users < > bind-users@lists.isc.org> wrote: > > Hello, > > I would like to have your thoughts about what should be the best values > for refresh, retry, expire and negative cache. > > In my case I have 2 DNS which are hosted in 2 different locations. These > location are near one another (100km). The latency is very low and packet > is 0. > I configured a lot of zones on my DNS and they not master for someone else. > This is a very simple setup in termes of master/slave. > > I would be tempted to > * configure a high refresh period since I have notify configured on the > master. What about 7200s ? > * Configure a high retry period because I don't expect the master to be > offline, what about 3600 ? > * configure a expire very high like 2 days so that the DNS service would > work even if the master is down > * I don't have any opinion about the negative ttl yet but any advices are > welcomed. > > What about your setups if it looks like mine ? > > Regards > > > I typically use an expire time of 14 days or a month. But that said, you > need some way to get notified that zone transfers are failing. > The refresh and retry are ok, but personally I would set them lower > because they don't generate a lot of traffic, and a notify could get lost. > It depends on how sensitive you are to extra traffic. > > Negative TTL depends partly on how fast you want new (or accidentally > deleted) records to be usable. I use 10 minutes. > > -- > Bob Harold > >
Thanks for mentioning rfc1912. I just read it again, and the advice is good. One update - I think that "minimum" is now used only as the TTL for NXDOMAIN (domain name does not exist) replies. The default TTL is set with a $TTL record (usually at the top of the zone file). -- Bob Harold
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users