What is DNS TTL? Understanding, configuring, and best practices

TTL for DNS adjusts how long a DNS resolver should cache a particular DNS response. It’s one of the private DNS settings that can help you improve browsing experience, boost security, and filter out content or bypass censorship. Here’s how you can use DNS TTL to your advantage.

What is TTL?

TTL stands for “time to live” and refers to how long a DNS resolver should cache the answer to a query. The data is stored for a set amount of time in the DNS resolver’s cache to reduce the need to continuously send DNS queries and recheck the primary server’s address. Only after the TTL expires does the resolver discard the cached entry or send another query to confirm the address.

The DNS TTL value has a significant effect on your browsing experience. For example, a shorter TTL reduces the chance you’ll use an outdated IP and helps your security. But a longer TTL uses the cache more, leading to quicker response times. In other words, you can use TTL to strike a balance between security and speed.

What are DNS records?

DNS records are entries within a DNS database that detail information regarding domains. All DNS record types have distinct purposes and guide certain functionalities of a domain, such as an associated website or email system. For instance, address records, or A records, link a domain to its corresponding IPv4 address. In contrast, the SOA (start of authority) record holds administrative data about the domain and its DNS zone, highlighting the primary authoritative nameserver, the contact email, and various timing settings related to the zone’s refresh and retry periods. We’ll cover SOAs in more detail later.

What about DNS vs VPN? Changing DNS settings involves modifying the DNS server your device uses to resolve domain names into IP addresses. This can help improve website loading times, security, and content filtering. On the other hand, connecting to a VPN server protects encrypted DNS traffic, provides a level of privacy, and even helps you access resources securely. If you don’t trust DNS servers to keep your records safe, you can perform a DNS leak test.

What is DNS TTL used for?

TTL in DNS is used to set the right duration to store data in the cache. It ensures that data doesn’t linger too long, becoming outdated, but also isn’t refreshed so frequently that there’s a constant need to revalidate the IP address and put strain on the servers. Let’s take a weather update service as an example.

Before going to bed, you check the weather to know if you will need an umbrella tomorrow. The website shows no rain, but you decide to double check the forecast in the morning. Because TTL also provides a cached version of the website, a long TTL would likely show you the same website version you saw the night before, while a short TTL would provide you a more accurate weather report.

In general, DNS TTL is used for migrating websites and scheduling maintenance, but it can also help manage the website load. If the website’s servers are at capacity, setting a longer TTL would reduce the number of DNS requests. However, if your users need the most accurate information as fast as possible, a short TTL would help them get updated information sooner as well as help you switch to a backup faster, in case your main server breaks down.
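The trade-off described above can be measured with a small simulation. This is an added example, not code from the original article: the resolver class, the host name, the documentation-range addresses, and the timings (one lookup every 60 seconds for a day, with the record changing 3,660 seconds in) are all constructed assumptions.

```python
# Added illustration: a minimal caching resolver driven by a simulated clock.
# Names, addresses and timings are constructed for the example.

class CachingResolver:
    """Caches one answer per name until its TTL runs out."""

    def __init__(self, authoritative):
        self.authoritative = authoritative   # callable: (name, now) -> (ip, ttl)
        self.cache = {}                      # name -> (ip, expires_at)
        self.upstream_queries = 0

    def resolve(self, name, now):
        entry = self.cache.get(name)
        if entry and now < entry[1]:
            return entry[0]                  # cache hit: no upstream query
        ip, ttl = self.authoritative(name, now)
        self.upstream_queries += 1           # cache miss or expired entry
        self.cache[name] = (ip, now + ttl)
        return ip


def simulate(ttl, change_at=3660, duration=86400, interval=60):
    """A client resolves the name every `interval` seconds while the record's
    IP changes at `change_at`. Returns (upstream_queries, stale_seconds)."""
    old_ip, new_ip = "192.0.2.10", "198.51.100.20"   # documentation ranges

    def authoritative(name, now):
        return (new_ip if now >= change_at else old_ip), ttl

    resolver = CachingResolver(authoritative)
    last_stale = None
    for now in range(0, duration, interval):
        answer = resolver.resolve("www.example.com", now)
        if now >= change_at and answer == old_ip:
            last_stale = now                 # still served the pre-change address
    stale = 0 if last_stale is None else last_stale - change_at + interval
    return resolver.upstream_queries, stale


if __name__ == "__main__":
    for ttl in (300, 86400):
        queries, stale = simulate(ttl)
        print(f"TTL {ttl:>6}s: {queries} upstream queries, {stale}s on the old IP")
```

With a 300-second TTL the resolver asks the authoritative server 288 times in a day but follows the address change within 240 seconds; with an 86,400-second TTL it asks once and keeps returning the old address for the rest of the day.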

Why does DNS TTL matter?

If you have a website, you know how important site load speed is. Ads, trackers, scripts, and third-party services as well as a myriad of other factors may increase the time a web page takes to load. A DNS TTL helps you strike the right balance between reducing load on the DNS servers and optimizing your website for the best user experience.

DNS TTL values and best practices

In most cases, you don’t need to change the default DNS caching settings. But if you ever need to, here’s what you should know about the TTL values.

DNS TTL minimum and maximum values

DNS TTL values are set in seconds, so the minimum value you can set is one second. However, that would mean that DNS resolvers have to query the record’s authoritative server almost every time a request is made, increasing load on the servers significantly. Often, the default TTL values range from a few minutes to 48 hours.

The maximum TTL value depends on the DNS provider. Commonly, it’s set to 24 hours (86,400 seconds) but the value can go up to three days (259,200 seconds) and sometimes even more.

How to choose DNS TTL values

First, think about your current situation. Maybe there’s no need to change the default TTL settings? If there is, you’ll likely have an idea whether you need to lower or increase the TTL value. Start by adjusting the time slightly and reevaluate.

DNS best practices

You may not always know the best TTL value, so here are a few common situations where you may need to change the DNS settings:

  • If the IP address of your primary domain has been consistent for years, a longer TTL such as 86,400 seconds is a good middle-ground value to aim for.
  • During migration or testing, set it around 300 seconds.
  • If DDoS attacks are a concern, a longer value such as 43,200 seconds could help serve users a cached website version while the DNS server is under attack.
  • When using DNS for failover, aim for a value between 600 and 1,800 seconds.
  • If you’re using cloud services, check their guidelines for a recommended TTL value.
  • In cases where frequent service updates are essential, a TTL around 7,200 seconds helps strike a good balance between performance and fresh updates.
  • If you want a better connection for gaming, consider switching to the best DNS servers for gaming instead of changing the TTL value.

Dynamic TTL in DNS

Dynamic TTL lets the TTL value adjust automatically to real-time conditions or requirements. It gives system administrators the flexibility to change the TTL rather than being locked into a single static value.

DNS TTL lookup

A DNS TTL lookup enables you to check the TTL value of a specific DNS record. You can use various online tools to perform a DNS lookup or check it yourself.

On Windows, open the Command Prompt, type “nslookup -type=any”, and press Enter. On macOS and Linux, you can use the “dig” command: “dig”


The SOA (start of authority) record gives you authoritative information about a domain, such as details about the primary DNS server, the email of the domain administrator, the domain serial number, and timers for refreshing and retrying, such as:

  • SOA TTL is the time limit after which the SOA record needs to be updated.
  • Refresh TTL is the time limit after which secondary servers need to be updated.
  • Retry TTL describes when the update should start again if it failed the last time.
  • Expiry TTL is the time limit after which the primary server is considered to be expired if updates fail.
  • NX TTL applies when a domain query results in an NXDOMAIN response: it determines how long the resolver caches and reuses this “non-existence” answer.

Changing these values may result in unwanted consequences. It is generally advised not to change SOA TTLs unless you have a very good reason to do it.
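To audit the TTLs from a lookup and the SOA timers listed above without changing anything, you can parse the answer lines that “dig” prints. This is an added example, not part of the original article: the sample records are constructed, the function names are hypothetical, and the negative-caching rule (the lower of the SOA record’s TTL and its minimum field) is taken from RFC 2308.

```python
# Added example: read TTLs and SOA timers from dig-style answer lines.
# SAMPLE_ANSWER is constructed for illustration, not captured from a real zone.

SAMPLE_ANSWER = """\
; constructed sample in the layout of dig's ANSWER SECTION
example.com.      3600  IN  SOA  ns1.example.com. hostmaster.example.com. 2024010101 7200 900 1209600 300
example.com.      300   IN  A    192.0.2.10
www.example.com.  86400 IN  CNAME example.com.
"""

SOA_FIELDS = ("serial", "refresh", "retry", "expire", "minimum")


def parse_records(text):
    """Yield one dict per resource-record line: name, ttl, class, type, rdata."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):       # skip blanks and dig comments
            continue
        parts = line.split(None, 4)
        if len(parts) < 5 or not parts[1].isdigit():
            continue                                # not "name ttl class type rdata"
        name, ttl, rclass, rtype, rdata = parts
        yield {"name": name, "ttl": int(ttl), "class": rclass,
               "type": rtype.upper(), "rdata": rdata}


def soa_timers(record):
    """Split SOA rdata into named fields and derive the negative-cache TTL."""
    fields = record["rdata"].split()
    if record["type"] != "SOA" or len(fields) != 7:
        raise ValueError("not a well-formed SOA record")
    mname, rname, *numbers = fields
    timers = dict(zip(SOA_FIELDS, map(int, numbers)))
    # The first label of RNAME is the mailbox (escaped dots are not handled here).
    user, _, domain = rname.rstrip(".").partition(".")
    timers.update(primary=mname, admin_email=f"{user}@{domain}",
                  soa_ttl=record["ttl"])
    # RFC 2308: NXDOMAIN answers are cached for min(SOA TTL, SOA minimum field).
    timers["negative_ttl"] = min(record["ttl"], timers["minimum"])
    return timers


def ttl_report(text):
    """Map 'name TYPE' -> TTL in seconds for every record found."""
    return {f'{r["name"]} {r["type"]}': r["ttl"] for r in parse_records(text)}
```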