Thanks Shane

Before I wrote that I went and dug around looking for examples... and looking at your link I know what I did. I was reading the max-ncache-ttl setting. DOH and double DOH.

I am chastised and thanks!

tim


On Fri, Mar 29, 2024 at 4:09 PM Shane Kerr <shane@time-travellers.org> wrote:
Tim,

On 24/03/2024 20.00, Tim Wicinski wrote:
> Some more and apologies as I was thinking the updates were in the git
> repo which was what confused me.
>
>
>      ### TTL Recommendations
>
>      Software typically defaults to a maximum stored TTL of 1 or 2 days.
>      A lower TTL will mean removing rarely-used records that have long TTL,
>      and should not have much operational impact from a CPU or network
>      point of view
>
> Where did this 1 or 2 days come from?  From most s/w I've seen the default
> max-cache-ttl is a few hours.

For defaults...

It came from a vague memory of mine from a DNS OARC presentation in the
mists of history. I recall some presentation where someone measured this
and found that most cache entries disappeared after 1 day, and
everything else except for a rounding error after 2 days. Neither
DuckDuckGo nor Qwant seem to be able to help me find said presentation,
so it might be an LLM-style hallucination in my brain.

I did check defaults from various open source resolvers:

BIND uses 1 week:

https://bind9.readthedocs.io/en/stable/reference.html#namedconf-statement-max-cache-ttl

Unbound uses 1 day:

https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound.conf.html

Knot Resolver uses 1 day:

https://knot-resolver.readthedocs.io/en/stable/daemon-bindings-cache.html#cache.max_ttl

PowerDNS Recursor uses 1 day:

https://doc.powerdns.com/recursor/settings.html#max-cache-ttl

Cheers,

--
Shane