In message <54f62dda.9020...@globis.net>, Ray Hunter writes:
> > Ted Lemon <mailto:mel...@fugue.com>
> > 3 March 2015 20:36
> >
> > Why do you say that? Is a ~60 minute TTL too short for a home device?
> > I don't think so. As soon as the old address is deprecated, you remove
> > the record pointing to it--you don't keep it around. You install AAAA
> > records only for non-deprecated addresses. Why is this a problem? Why
> > the need for a 36 hour timeframe?24 ho
> 36 hours is a number plucked out of thin air by me that is longer than
> 24 hours, which is a historic default refresh time for many DNS servers
> e.g. RFC1912 https://www.ripe.net/ripe/docs/ripe-203 .
> One hour TTL could mean 24 times the DNS traffic compared to that
> historic norm. It also could mean (re)signing DNSSEC zones more than 24
> times per day as hosts move around the homenet.......

TTLs and signature validity intervals are independent of each other.
You can have a TTL of zero with a signature validity interval of 30
days.

> So it's clearly a trade off.

The trade off is how often the data being signed changes. Dynamic
zones only sign the data that is changing. If you update an A record
that is two sets of signatures. Those for the A record set and the
SOA record. You don't re-sign the entire zone unless you are crazy.
Even doing it by hand the tools can work out what needs to be signed,
re-signed and what doesn't.

> What's the difference in practical terms between 1 second, 1 minute, 1
> hour, and 1 day?
>
> You either have more name resolution traffic (every day), or you have
> more temporary addresses and old prefixes hanging around for longer
> (during a renumbering event, which is presumably not every day).
>
> Any operators got any input on how often they propose to rotate prefixes
> on domestic connections?
>
> --
> Regards,
> RayH
>
> _______________________________________________
> homenet mailing list
> homenet@ietf.org
> https://www.ietf.org/mailman/listinfo/homenet

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
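
The two points in the reply above (TTL and signature validity are separate values, and a dynamic update signs only the changed RRset plus the SOA) can be checked with a small model. This is an added example, not code from the thread or from any DNS server. It assumes HMAC-SHA256 as a stand-in for the zone key's signature, leaves out NSEC/NSEC3 maintenance, and uses constructed host names and addresses.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"   # stand-in for the zone signing key (assumption)
DAY = 86400

class SignedZone:
    """Toy dynamic zone: RRsets keyed by (owner, type), each with its own RRSIG."""

    def __init__(self, validity=30 * DAY):
        self.validity = validity      # signature validity interval, seconds
        self.rrsets = {}              # (owner, type) -> (ttl, rdata tuple)
        self.rrsigs = {}              # (owner, type) -> (inception, expiration, mac)
        self.serial = 0
        self.sign_ops = 0             # number of RRset signatures generated

    def _mac(self, key, inception, expiration):
        ttl, rdata = self.rrsets[key]
        msg = repr((key, ttl, rdata, inception, expiration)).encode()
        return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

    def _sign(self, key, now):
        inception, expiration = now, now + self.validity
        self.rrsigs[key] = (inception, expiration, self._mac(key, inception, expiration))
        self.sign_ops += 1

    def update(self, owner, rtype, ttl, rdata, now):
        """Dynamic update: sign the changed RRset and the SOA, nothing else."""
        self.rrsets[(owner, rtype)] = (ttl, tuple(rdata))
        self.serial += 1
        self.rrsets[("@", "SOA")] = (3600, (self.serial,))
        self._sign((owner, rtype), now)
        self._sign(("@", "SOA"), now)

    def validates(self, owner, rtype, now):
        """Validation checks the RRSIG window; the TTL only bounds caching."""
        inception, expiration, mac = self.rrsigs[(owner, rtype)]
        good = hmac.compare_digest(mac, self._mac((owner, rtype), inception, expiration))
        return good and inception <= now <= expiration

def renumbering_day(hosts=20, changes=24):
    """Populate `hosts` AAAA RRsets, then change one host's address `changes` times."""
    zone = SignedZone()
    for i in range(hosts):
        zone.update(f"host{i}", "AAAA", 0, [f"2001:db8::{i:x}"], now=0)
    before = zone.sign_ops
    for hour in range(1, changes + 1):
        zone.update("host0", "AAAA", 0, [f"2001:db8:{hour:x}::1"], now=hour * 3600)
    return zone, zone.sign_ops - before
```

With the defaults, 24 hourly address changes cost 48 signatures, where re-signing all 21 RRsets each time would cost 504; a TTL 0 record signed at time 0 still validates on day 29 and fails on day 31.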