DNS TTL explained

If you have ever worked on a DNS system, then you have probably come across the letters TTL more than a few times. This is the acronym of a mechanism that the DNS uses to make sure that the users will get the most updated results when a DNS query is run. Today we are going to explain everything about the DNS TTL.

First off, what is the meaning behind TTL? These letters come from Time To Live, and they represent an expiration time. In the case of the DNS system, this is used to mark how often the DNS caches should be refreshed.

What is the TTL?

As we were saying, TTL is the acronym of Time To Live, and it plays a very important role not only in DNS systems but in computing in general. TTL is a mechanism that tells us the expiration time of a piece of data. Once that time expires, the data should be discarded in favor of new data.

The TTL is also used for expiring records: for example, we can use it to set the date and time at which a certain record will expire. This is widely used in some HTTP responses, in HTTP cookies, and in cache control fields.

But in this case what matters to us the most is the TTL on the DNS systems, so let’s talk about that.

DNS TTL meaning

So now you know that TTL means Time To Live, and this is very important for all kinds of DNS records inside our DNS zones. Due to how the Internet and DNS requests work, the TTL plays a very important role because it tells other DNS systems for how long they should keep a certain record stored as cache data. Using cached records is important to make the requests between servers a lot faster, which makes the Internet in general faster.

Now let’s see a good example of a TTL value in a DNS system. Let’s say we have an A record with a TTL of 3600. What does this mean? It means that after picking up the record for the first time, DNS systems should keep it in cache for 3600 seconds (that is, one hour), discard it once that time has passed, and then pick it up again, to make sure the record is up to date in case some of its data has changed or the record has been deleted.

Without TTLs the DNS would work very differently: every record would have to be checked in real time, which would create a lot of delays and make all Internet traffic a lot slower, affecting, for example, the load time of websites.

DNS TTL best practices

We need to be very careful when managing TTLs, because if we change them too often or set them too low, the DNS propagation time won’t be as good as expected, and a lot of delays in picking up new record information could be created. With this in mind, there are some TTL best practices worth knowing when working on a DNS system.

For records that need to change often, the best practice is to keep a low TTL, for example around 600 seconds, depending of course on how often the records will change.

For DNS records that don’t change often, which is the case for most MX records and TXT records, it is a good idea to use a medium or high TTL, which could be 3600 in the case of MX records and 14400 for TXT records.

If a TTL is too high and you need to make a change to a record that also has to propagate as soon as possible, then you need to start working on it 24 hours before the real change. So, one day before changing the record, set its TTL to a low value, for example 1200 seconds, and leave it like that for an entire day or so.

After a day has passed, make all the necessary changes to your record data and, once you’re done, change the TTL of the record back to the original high value. This will help the change propagate a lot faster and will also tell the other DNS systems to cache the new record for a long time again.
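To make the two ideas above concrete (a cache reusing an answer until its TTL runs out, and why lowering the TTL a day ahead of a change shrinks the time other DNS systems keep serving the old data), here is an added example written for this page; it is not code from the original article. It simulates one caching resolver in front of a constructed authoritative zone, with placeholder hostnames and addresses, and computes the worst-case number of seconds a cache can still answer with the old address after the change, with and without the preparation step the article describes.

```python
"""Added example (not code from the original article): a minimal TTL-honoring
resolver cache in front of a constructed authoritative zone. It shows (1) that
a cached answer is reused, with a counting-down TTL, until the TTL expires, and
(2) for how long caches can keep serving old data after a record changes,
with and without lowering the TTL ahead of time. Names and addresses are
constructed placeholders."""

from dataclasses import dataclass

NAME = "www.example.test"     # constructed hostname
OLD_ADDR = "192.0.2.1"        # constructed address before the change
NEW_ADDR = "198.51.100.7"     # constructed address after the change


@dataclass
class Record:
    ttl: int
    rdata: str


class Authority:
    """Stands in for the zone's authoritative server: its data is the truth."""

    def __init__(self):
        self.zone = {}

    def set(self, name, rtype, ttl, rdata):
        self.zone[(name, rtype)] = Record(ttl, rdata)

    def lookup(self, name, rtype):
        return self.zone[(name, rtype)]


class CachingResolver:
    """A recursive resolver's cache: an answer is reused until its TTL elapses.
    Time is an integer number of seconds supplied by the caller."""

    def __init__(self, authority):
        self.authority = authority
        self.cache = {}           # (name, rtype) -> (Record, expiry time)
        self.upstream_queries = 0

    def resolve(self, name, rtype, now):
        """Return (rdata, remaining TTL); the remaining TTL is what a client
        querying this cache (e.g. with dig) sees in the TTL column."""
        hit = self.cache.get((name, rtype))
        if hit is not None and now < hit[1]:
            rec, expires = hit
            return rec.rdata, expires - now
        rec = self.authority.lookup(name, rtype)   # miss or expired: ask upstream
        self.upstream_queries += 1
        self.cache[(name, rtype)] = (rec, now + rec.ttl)
        return rec.rdata, rec.ttl


def single_cache_trace(ttl=3600, times=(0, 1800, 3599, 3600)):
    """What one cache answers over time for an A record with the given TTL."""
    auth = Authority()
    auth.set(NAME, "A", ttl, OLD_ADDR)
    resolver = CachingResolver(auth)
    trace = [(t,) + resolver.resolve(NAME, "A", t) for t in times]
    return trace, resolver.upstream_queries


def apply_zone_edits(auth, now, old_ttl, lowered_ttl, lower_time, change_time):
    """Put the zone in the state it has at `now`, following the article's
    procedure: lower the TTL ahead of the change, change the data, restore the
    high TTL. An edit takes effect just after its instant, so a fetch at that
    exact second still sees the previous state."""
    if now > change_time:
        auth.set(NAME, "A", old_ttl, NEW_ADDR)
    elif now > lower_time:
        auth.set(NAME, "A", lowered_ttl, OLD_ADDR)
    else:
        auth.set(NAME, "A", old_ttl, OLD_ADDR)


def seconds_stale(old_ttl, lowered_ttl, lead, prime_time):
    """Seconds after the change during which a cache first filled at
    `prime_time` can still answer OLD_ADDR. The change happens at time
    old_ttl + lead and the TTL is lowered `lead` seconds before it."""
    change_time = old_ttl + lead
    lower_time = change_time - lead
    auth = Authority()
    resolver = CachingResolver(auth)
    now, last_stale_expiry = prime_time, change_time
    while True:
        apply_zone_edits(auth, now, old_ttl, lowered_ttl, lower_time, change_time)
        rdata, remaining = resolver.resolve(NAME, "A", now)
        if rdata == NEW_ADDR:
            return last_stale_expiry - change_time
        last_stale_expiry = now + remaining   # old answer is served until then
        now += remaining                      # the cache re-asks only at expiry


def worst_case_stale(old_ttl, lowered_ttl, lead, step=60):
    """Worst case over caches primed every `step` seconds up to the change.
    A cache primed before time 0 behaves like one primed old_ttl seconds later,
    so [0, change_time] covers every cache; with TTLs and lead in whole minutes
    a 60 s step still hits the worst instants (the two edit times)."""
    change_time = old_ttl + lead
    return max(seconds_stale(old_ttl, lowered_ttl, lead, p)
               for p in range(0, change_time + 1, step))


if __name__ == "__main__":
    trace, queries = single_cache_trace()
    for t, rdata, remaining in trace:
        print(f"t={t:5d}s  answer={rdata}  remaining TTL={remaining}")
    print("upstream queries:", queries)
    print("no preparation, TTL 14400:  ", worst_case_stale(14400, 14400, 0))
    print("TTL 1200 set 1 hour ahead:  ", worst_case_stale(14400, 1200, 3600))
    print("TTL 1200 set 24 hours ahead:", worst_case_stale(14400, 1200, 86400))
```

Running it shows the cache answering from its copy with a TTL that counts down from 3600 to 1 and going upstream only twice (at t=0 and at t=3600), and then the three propagation windows: 14400 seconds with no preparation, 10800 seconds when the TTL is lowered only one hour ahead (caches that fetched just before the lowering still hold the record with the old four-hour TTL), and 1200 seconds when it is lowered a full day ahead, which is why the article tells you to wait at least the old TTL (it uses a day) before making the change.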

Having a low TTL can be good in some cases, but not so much in others. A common practice for spammers, for example, is to use MX records with very low TTLs, which helps them send more spam in less time. While there are legitimate uses for this too, it is not something that looks good to most DNS servers, so avoid giving records that won’t change often a TTL that is too low.

As we said, 3600 and 14400 are good TTLs for most records, though in some cases you will need to set lower or higher values, depending on your needs.

How can I check my DNS TTL?

There are a few ways to check the TTL of a DNS record, and we are going to show you the two most common ones. First, we are going to use a tool called “dig”, which comes installed by default on most modern operating systems.

For example, the A record of the domain dnspropagation.net has a TTL of 300 seconds, and we can see this using dig. To do this, open your system’s console and simply type the dig command followed by the record type (A, MX, TXT, etc.) and then the record name. This is the result:

[user@localhost ~]$ dig A dnspropagation.net
dnspropagation.net. 300 IN A xx.xx.xx.xx

In this example, the TTL is the second value from the left, between the domain name and the “IN” class.

If we check the TTL of an MX record we could get something bigger, like 3600 seconds.

[user@localhost ~]$ dig MX mydomain.com
mydomain.com. 3600 IN MX mail.mydomain.com
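Since the TTL is always the second column of a dig answer line, it is easy to pull out programmatically. The following is an added example written for this page, not code from the original article or from dig itself: a small parser for the default “name TTL class type rdata” layout dig prints, fed a constructed sample of dig output with placeholder names and addresses, plus a check that flags MX and TXT records (the rarely-changing types the article discusses) whose TTL is as low as the article’s “around 600 seconds” example.

```python
"""Added example (not code from the original article): a small parser for the
answer lines that dig prints, extracting the TTL column the article points at,
plus a check for rarely-changing record types carrying a very low TTL.
The dig output below is a constructed sample with placeholder names/addresses."""

import re

# Constructed sample of what the answer section of a few dig queries looks like.
SAMPLE_DIG_OUTPUT = """\
; <<>> DiG 9.18.0 <<>> A example.test
;; ANSWER SECTION:
example.test.        300     IN      A       192.0.2.10
example.test.        3600    IN      MX      10 mail.example.test.
example.test.        60      IN      MX      20 mail2.example.test.
example.test.        14400   IN      TXT     "v=spf1 -all"
;; Query time: 12 msec
"""

# name  TTL  class  type  rdata: the TTL is the second column, as the article says.
RR_LINE = re.compile(
    r"^(?P<name>\S+)\s+(?P<ttl>\d+)\s+(?P<cls>IN|CH|HS)\s+(?P<rtype>[A-Z0-9]+)\s+(?P<rdata>.+)$"
)


def parse_answers(text):
    """Return (name, ttl, rtype, rdata) for every resource-record line in dig
    output. Lines starting with ';' are dig's comments and are skipped; lines
    that do not fit the default 'name TTL class type rdata' layout are ignored."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        m = RR_LINE.match(line)
        if m:
            records.append((m["name"], int(m["ttl"]), m["rtype"], m["rdata"]))
    return records


def ttl_of(text, rtype):
    """TTL of the first record of the given type, or None if there is none."""
    for _, ttl, rt, _ in parse_answers(text):
        if rt == rtype:
            return ttl
    return None


def low_ttl_warnings(records, rarely_changing=("MX", "TXT"), threshold=600):
    """Flag records of types that rarely change whose TTL is below `threshold`
    (600 s is the article's example of a 'low' TTL); returns warning strings."""
    return [
        f"{name} {rtype} has TTL {ttl}s, below {threshold}s for a rarely-changing record"
        for name, ttl, rtype, _ in records
        if rtype in rarely_changing and ttl < threshold
    ]


if __name__ == "__main__":
    recs = parse_answers(SAMPLE_DIG_OUTPUT)
    for rec in recs:
        print(rec)
    print("A record TTL:", ttl_of(SAMPLE_DIG_OUTPUT, "A"))
    for w in low_ttl_warnings(recs):
        print("WARNING:", w)
```

One caveat worth keeping in mind when reading the number: if dig is talking to a caching resolver (the usual case with no server specified), the TTL column is the remaining time in that resolver’s cache, counting down on every query, not the value configured in the zone. To read the configured TTL, ask one of the zone’s authoritative name servers directly with dig’s @ syntax, for example dig @ns1.example.test A www.example.test (placeholder names).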

The other tool that we can use to check the TTL of a DNS record is known as Nslookup, mostly used on Windows systems.

To check the TTL of a record using Nslookup, start by opening a console or Windows command prompt, type nslookup and hit enter, then type “set debug” and hit enter again.

With debug mode enabled you can now see the TTL of a record: just type the record name at the prompt, for example a domain name, and the TTL will be shown right there along with the rest of the record data.


