The time-to-live (TTL) value is a mechanism that limits the lifespan or lifetime of data in a computer or network — ensuring data refreshes periodically to represent the latest information. In other words, it is like an "expiration date" defined within a DNS record. The TTL tells the recursive server or local resolver how long it should keep the record in its cache. The longer the TTL, the longer the resolver holds that information in its cache.
For example, let's say the zone example.com has an A record at the apex of the zone that points to a server. If you specify a TTL of 3600 seconds (one hour), a recursive server retains information about the A-record at example.com for one hour. Anyone who uses that same resolver will get the same answer. On the authoritative side, there will be no query to the server until the TTL is reached.
TTL values are an integral part of DNS configuration, as they can directly impact the amount of query volume attributable to your authoritative service.
At the apex of every DNS zone, in the Start of Authority (SOA) record, there are five TTL values that serve a critical function in the DNS:
SOA TTL (seconds) - The time-to-live (TTL) of the zone’s start of authority (SOA) record. This value indicates the amount of time resolvers cache the SOA. Default is 3600 seconds (i.e., 1 hour).
Refresh (seconds) - The amount of time between each attempt by the secondary DNS servers to refresh the primary zone file. Default is 43200 seconds (i.e., 12 hours).
Retry (seconds) - If the secondary server's attempt to refresh the primary zone file fails, this is the amount of time before the secondary server attempts the refresh again. Default is 7200 seconds (i.e., 2 hours). The secondary server will continue to try refresh at this interval until the zone has refreshed successfully or until reaching the expiry time.
Expire (seconds) - If refresh and retry attempts fail repeatedly, this is the amount of time after which the primary server should be considered “down” and no longer the authoritative. Default is 1209600 seconds (i.e., 14 days).
NX TTL (seconds) - If the DNS query results in an NXDOMAIN error or EBOT/NODATA response, this value indicates the amount of time the “negative” answer is cached. Default is 3600 seconds (i.e., 1 hour).
In most cases, NS1 recommends that you do not modify the default TTL values.
NS1 notes the following as best practices and key considerations when specifying a TTL value:
TTLs can directly affect the amount of query volume attributable to your authoritative service. There is an inverse relationship between the TTL and the number of queries. If you need to quickly change the record, a higher TTL can result in longer-than-expected change propagation to all recursive servers.
For records that leverage an advanced traffic management configuration — such as NS1’s Filter Chain — it’s best to keep the TTL as short as possible.* As such, when the system enacts a change, users on the other end requesting the name are given the most recent information.
Most recursive servers do not support a TTL shorter than 30 seconds.
For records that rarely change (such as TXT or MX records), it is best to keep the TTL between an hour (3600s) and a day (86400s). When there is a need to enact changes impacting these types of records, NS1 recommends reducing the TTL before enacting any changes to ensure the changes propagate quickly.
For help with random label traffic (which logs against your base domain), you can edit the NX TTL value to a higher value, causing resolvers to not re-request that same domain again for longer. If your active domains do not have answers changed frequently either, it would also help to increase their TTL value as well.