by bcheung 3533 days ago
I know the TTL is set really low for a lot of DNS entries but this recent outage got me wondering if it makes sense for servers further down the chain to hold onto it for longer than the TTL, honor it when they are able to get a new DNS entry within a reasonable amount of time, but fall back to the "expired" version if the authoritative server is not reachable.

I'm wondering what would be the negative consequences of this and if they outweigh the benefit of being more resilient to these types of attacks.
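The behaviour the post describes (honor the TTL while a refresh succeeds, serve the expired entry only when the authoritative server cannot be reached), as an added example that is not part of the original post. `StaleCache`, the `resolve` callback, the `max_stale` cap and the sample data are hypothetical and constructed here.

```python
import time

class UpstreamUnreachable(Exception):
    """Raised by the resolve callback when no authoritative answer can be obtained."""

class StaleCache:
    def __init__(self, resolve, max_stale=86400, clock=time.monotonic):
        self.resolve = resolve      # callable(name) -> (address, ttl_seconds)
        self.max_stale = max_stale  # assumption: cap on serving past expiry
        self.clock = clock
        self.entries = {}           # name -> (address, expires_at)

    def lookup(self, name):
        """Return (address, status); status is 'fresh', 'refreshed' or 'stale'."""
        now = self.clock()
        cached = self.entries.get(name)
        if cached and now < cached[1]:
            return cached[0], "fresh"
        try:
            address, ttl = self.resolve(name)
        except UpstreamUnreachable:
            # Fallback only on outage, and only within max_stale, so a
            # retired address is not served indefinitely.
            if cached and now < cached[1] + self.max_stale:
                return cached[0], "stale"
            self.entries.pop(name, None)
            raise
        self.entries[name] = (address, now + ttl)
        return address, "refreshed"

def demo():  # constructed scenario: fake clock, fake upstream, documentation addresses
    now, up, addr = [0.0], [True], ["192.0.2.10"]
    def resolve(name):
        if not up[0]:
            raise UpstreamUnreachable(name)
        return addr[0], 30          # constructed 30-second TTL
    cache = StaleCache(resolve, max_stale=3600, clock=lambda: now[0])
    out = [cache.lookup("example.test")]      # first fetch
    now[0] = 10
    out.append(cache.lookup("example.test"))  # still within TTL
    up[0], now[0] = False, 100
    out.append(cache.lookup("example.test"))  # expired, upstream down
    up[0], addr[0] = True, "192.0.2.20"
    out.append(cache.lookup("example.test"))  # upstream back: new data wins
    up[0], now[0] = False, 4000               # past expiry + max_stale
    try:
        cache.lookup("example.test")
    except UpstreamUnreachable:
        out.append(None)
    return out
```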

1 comment

There was a good discussion on this in a sibling thread earlier today: https://news.ycombinator.com/item?id=12762110