DNS Issue with proofpoint.com

Mark Andrews marka at isc.org
Thu Apr 17 00:38:28 UTC 2014

In message <CADE4tYUzZdKDCnDyz7k9Pwbn7oH5_zzs6zqEnteAtifnB=f68A at mail.gmail.com>,
Brandon Galbraith writes:
> On Wed, Apr 16, 2014 at 9:49 AM, William Herrin <bill at herrin.us> wrote:
> > What would make sense is some sort of attribute on the DNS record
> > which instructed servers not to cache it for so long that mistakes
> > have a lasting impact.
> >
> Or a pub/sub method of sending an immediate invalidation request, similar
> to immediate CDN invalidations.
> Caching is nice, but mistakes happen.

Which is why you should choose appropriate TTLs.

Also for CDN you are talking to 1 company which has administrative control
over the caches.

For DNS you have highly distributed caches which are talking to millions of
servers.  They are nowhere near comparable in terms of management.

