DNS TTL, or time to live, is the element of a DNS record that tells the requester how long the record is valid. If the TTL for our DNS record is set to 24 hours, a browser (or resolver) that has fetched the record will keep using that same value for the next 24 hours, regardless of whether the DNS record is updated in the meantime.
- Why is DNS TTL important?
- Higher or Lower DNS TTL?
- Can we Set Shorter TTLs?
- Common TTL Values
- DNS TTL best practices
- Example of DNS TTL
- When to Use a Long TTL
Why is DNS TTL important?
DNS TTLs are vital to websites that change their DNS records frequently. A lower TTL ensures that clients pick up the most recent value within a known timeframe.
Our time to live directly controls resolver caching. For example, suppose our DNS resolver pulls a DNS record from its authoritative server every hour. For that hour, every user that queries that name through the resolver receives the cached copy of the record, until the resolver pulls an updated copy from the authoritative server again.
This process of utilizing the resolver’s cache significantly improves our end-users’ overall experience.
Check DNS TTL with nslookup command
The best way to check DNS TTL is the nslookup command. Open the terminal and type nslookup -debug <domain name>. It will display the TTL value of the DNS record. This command is available on most systems.
nslookup is a network diagnostic tool that allows users to query the Domain Name System (DNS) for information about internet hosts. The nslookup command can be used to perform the following tasks:
- Resolve domain names to IP addresses
- Retrieve MX records for a domain
- Retrieve the name servers for a domain
% nslookup -debug howtouselinux.com
howtouselinux.com, type = A, class = IN
internet address = 220.127.116.11
ttl = 0
internet address = 18.104.22.168
ttl = 0
Higher or Lower DNS TTL?
If the TTL is set too high, a changed DNS record takes too long to reach existing users: their resolvers keep serving the old cached value until the TTL expires.
Setting a very low TTL, however, adds extra overhead, as DNS lookups have to happen much more regularly, which adds to the page load time for a user and increases the stress on the DNS servers.
The default setting for TTL values was traditionally 24 hours, and it was usual to have to wait over a day for the impact of DNS changes to take effect.
Can we Set Shorter TTLs?
Yes, we can set shorter TTLs. They cause heavier loads on an authoritative nameserver, but they are useful when changing the address of critical services such as web servers or MX records (mail server pointers). For that reason, DNS administrators often lower TTLs prior to moving a service, in order to minimize disruption.
Common TTL Values in DNS
Usually, the TTL value is 86400 seconds, which is 24 hours. This is a good starting point for most records. However, we can set a higher TTL for MX or CNAME records, as they are expected to change very rarely. If our service is critical, it is recommended that we set the TTL to 1 hour (3600 seconds).
DNS TTL best practices
For the most part, there is no need to change our TTL. However, if we know that we will be making a big DNS change soon, and we want the changes to take effect quickly, we may want to change our TTL ahead of time.
At least 24 hours ahead of time, update our TTL to a shorter value. For example, we may want to change it to 3600 (1 hour).
When our work is done, be sure to go back and return our TTL settings to their original values. DNS caching is an important way to reduce load on the servers, and it is best to keep this traffic low.
Check DNS TTL with dig command
Another way to look up TTL settings is to use the dig utility. It is available on Linux, Unix, and Mac OS X. From the shell (command line), type: dig example.com
This will return the DNS information (including TTL values) for the domain name.
;; ANSWER SECTION:
google.com. 0 IN A 22.214.171.124
google.com. 0 IN A 126.96.36.199
google.com. 0 IN A 188.8.131.52
google.com. 0 IN A 184.108.40.206
google.com. 0 IN A 220.127.116.11
Here we can see that the ttl is 0 for these records.
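Putting the dig output format above together with the pre-change procedure from the best-practices section (lower the TTL, then wait out the old TTL before changing the record), here is an added example that is not part of the original article. The dig answer it parses is constructed sample data for example.com, and the 3600-second target TTL follows the article's recommendation for critical records.

```python
import re
import time

# Constructed sample: an ANSWER SECTION as dig prints it (not a real capture).
SAMPLE_DIG_OUTPUT = """\
;; ANSWER SECTION:
example.com.        86400   IN  A       192.0.2.10
www.example.com.    86400   IN  CNAME   example.com.
example.com.        3600    IN  MX      10 mail.example.com.
example.com.        300     IN  TXT     "v=spf1 mx -all"
"""

# owner name, TTL, class IN, record type, remaining rdata (may contain spaces)
ANSWER_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.+)$")

def parse_answers(dig_output):
    """Return (name, ttl, rtype, rdata) tuples from dig's ANSWER SECTION only."""
    records = []
    in_answer = False
    for line in dig_output.splitlines():
        if line.startswith(";; ANSWER SECTION:"):
            in_answer = True
            continue
        if in_answer:
            # a blank line or the next ";;" header ends the answer section
            if not line.strip() or line.startswith(";;"):
                break
            m = ANSWER_RE.match(line)
            if m:
                name, ttl, rtype, rdata = m.groups()
                records.append((name, int(ttl), rtype, rdata.strip()))
    return records

def plan_change(records, name, rtype, target_ttl=3600, now=None):
    """Plan a record move: does the TTL need lowering first, and from when
    (epoch seconds) is the change safe, i.e. when has every resolver that
    cached the record under the old TTL expired it?"""
    now = int(time.time()) if now is None else now
    ttls = [ttl for (n, ttl, t, _) in records if n == name and t == rtype]
    if not ttls:
        raise LookupError(f"no {rtype} record for {name}")
    current_ttl = max(ttls)  # conservative if the RRset has mixed TTLs
    return {
        "current_ttl": current_ttl,
        "needs_lowering": current_ttl > target_ttl,
        # caches may serve the old value for up to current_ttl seconds after we lower it
        "change_safe_at": now + current_ttl,
    }
```

After lowering the TTL at the authoritative server, rerun the check against the live dig output and only make the actual record change once change_safe_at has passed.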
When to Use a Long TTL
Here are the top records that should have longer TTLs:
- MX record (points to the mail server)
- DKIM and SPF (usually configured with MX records)
- TXT record
- Records that point to the web server or CDN, A and CNAME records respectively, will typically have a longer TTL since they are rarely changed. For these, we would want to set a TTL of 12 hours to 1 day.
Keep in mind, we will need to lower the TTL and wait until caches expire (usually around a day) before making any changes.