Jeff said:
OK I'm going to go ahead and reduce the TTLs on the zones to one hour. That's for all zones other than sc.surbl.org which has a 10 minute TTL. It includes multi also.
Let's watch name server traffic and see if it changes much as a result. Of course it's a little difficult to measure this now since SpamAssassin 3.0 is also rolling out with SURBL support. But if DNS traffic goes up too much we can back this off.
I'd still like to experiment with shorter and longer TTLs at some point to try to optimize them further.
Jeff C.
I goofed by replying to this, thus hijacking his sub-thread with another topic. Hopefully, Im repairing the damage here :) I would add that another interesting question is:
how many out there are using everything but multi in order to get catch more of the newer stuff faster?
If so, it seems to me that the combined extra lookups done on multiple surbl lists would be a larger strain on resources when compared to doing a single lookup on the multi list where the multi list has a shorter TTL time.
Follow? (I admit, I recently abandoned the multi list in favor of using ALL other lists for this very reason. I will now switch to two lists: multi & sc) Rob McEwen
On Wednesday, August 11, 2004, 8:33:22 AM, Rob McEwen wrote:
Jeff said:
OK I'm going to go ahead and reduce the TTLs on the zones to one hour. That's for all zones other than sc.surbl.org which has a 10 minute TTL. It includes multi also.
Let's watch name server traffic and see if it changes much as a result. Of course it's a little difficult to measure this now since SpamAssassin 3.0 is also rolling out with SURBL support. But if DNS traffic goes up too much we can back this off.
I'd still like to experiment with shorter and longer TTLs at some point to try to optimize them further.
Jeff C.
I goofed by replying to this, thus hijacking his sub-thread with another topic. Hopefully, Im repairing the damage here :) I would add that another interesting question is:
how many out there are using everything but multi in order to get catch more of the newer stuff faster?
If so, it seems to me that the combined extra lookups done on multiple surbl lists would be a larger strain on resources when compared to doing a single lookup on the multi list where the multi list has a shorter TTL time.
Follow? (I admit, I recently abandoned the multi list in favor of using ALL other lists for this very reason. I will now switch to two lists: multi & sc)
Yes, what you ask makes some sense, except that the other individual lists also had long TTLs. The only one with a short TTL before was sc.
Now all lists other than sc have a 1 hour TTL which should help in new entries being usable sooner, due to shorter negative caching of the prior non-matches (i.e. before the new entries were on the list, they would have been negatively-cached non-hits. Those non-hits were subject to the negative caching TTL.).
So far DNS traffic does not seem much higher. Maybe I will drop the times further and see what effect it has.
Is anyone noticing any major jumps in DNS traffic at the 1 hour TTL level that we're on now?
Jeff C.
-
Jeff Chan -
Rob McEwen