The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Recommended DNS values for DNS template?

Discussion in 'Bind / DNS / Nameserver Issues' started by sneader, Nov 9, 2008.

  1. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,126
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
    I noticed that some DNS checking sites don't like the value of 3600000 as the "Expire" value (they say it is too high) and that got me thinking... what ARE the recommended values for all of these settings?

    (the numbers below are what my new cPanel server is defaulting to)

    SOA value (86400)
    Refresh (86400)
    Retry (7200)
    Expire (3600000)
    Minimum TTL (86400)

    And for the individual DNS records:
    NS (86400)
    A, MX, CNAME (14400)

    Thoughts/advice appreciated,

    - Scott
     
  2. SageBrian

    SageBrian Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    415
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    NY/CT (US)
    cPanel Access Level:
    Root Administrator
    I generally go by the recommended values listed on DNSreport.com.

    • SOA record [TTL=14440]
    • PASS SOA REFRESH value OK. Your SOA REFRESH interval is : 4800 seconds. This seems normal (about 3600-7200 seconds is good if not using DNS NOTIFY; RFC1912 2.2 recommends a value between 1200 to 43200 seconds (20 minutes to 12 hours)). This value determines how often secondary/slave nameservers check with the master for updates.
    • PASS SOA RETRY value OK. Your SOA RETRY interval is : 3600 seconds. This seems normal (about 120-7200 seconds is good). The retry value is the amount of time your secondary/slave nameservers will wait to contact the master nameserver again if the last attempt failed.
    • PASS SOA EXPIRE value OK. Your SOA EXPIRE time: 1209600 seconds. This seems normal (about 1209600 to 2419200 seconds (2-4 weeks) is good). RFC1912 suggests 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver.
    • PASS SOA MINIMUM TTL value OK. Your SOA MINIMUM TTL is: 6000 seconds. This seems normal (about 3,600 to 86400 seconds or 1-24 hours is good). RFC2308 suggests a value of 1-3 hours. This value used to determine the default (technically, minimum) TTL (time-to-live) for DNS entries, but now is used for negative caching.

    Others might prefer the larger numbers.
     
  3. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,126
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
    Thanks for posting that. Unfortunately, I don't have an account at DNS Report. I find the fees they charge to be outlandish for what you get. I'm surprised nobody has cloned what they do.

    For now, I've been using IntoDNS... you get much of the functionality at no cost. See http://www.intodns.com. But they don't have recommended values for all the settings like what you showed. Maybe that's worth $80 per year. :)

    Thanks again!

    - Scott
     
  4. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
  5. MattLee

    MattLee BANNED

    Joined:
    Aug 26, 2009
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    0
    Hello,

    Unless you have a very specific configuration or need to alter these templates, I'd stick with what cPanel uses by default as they would be the 'recommended' values.
     
  6. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,126
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
    Hi Matt. If what DNS Report is saying is true, then the default values that cPanel is using do not meet RFC recommendations. Perhaps a review is in order. This thread is old... I've already made it part of my new server setup routine to adjust the DNS templates to reflect values that don't provide errors on various DNS checking sites (which, then, reduces the amount of support tickets we get from customers asking why their DNS has 'errors'). Another reason why it may be prudent for you to do a review of these values.

    I also noted that cpanel.net itself isn't using your 'recommended' values. :)

    - Scott
     
    #6 sneader, Mar 7, 2011
    Last edited: Mar 7, 2011
  7. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    I do agree with Scott
     
  8. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
  9. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,126
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page