Time to Live (TTL)

Security Glossary - DNS

Definition: TTL (Time to Live) is a value in DNS records that specifies how long (in seconds) a resolver should cache the record before requesting a fresh copy from the authoritative nameserver. A TTL of 3600 means the record is cached for one hour. Lower TTLs mean faster propagation of changes but more DNS queries; higher TTLs mean better caching but slower updates.

Why TTL Matters

TTL directly controls the tradeoff between DNS performance and agility. A high TTL (like 86400 for 24 hours) reduces DNS query volume and slightly improves page load speed because the resolver serves cached results. But it means DNS changes take up to 24 hours to propagate fully.

For sites that rarely change their DNS records, a TTL of 3600 (1 hour) to 86400 (24 hours) is reasonable. For records that need to change quickly - like those used for DNS-based failover or load balancing - a TTL of 60 to 300 seconds allows rapid updates. Services like Cloudflare often use automatic TTL management.

A common operational mistake is setting a long TTL and then needing to make an urgent DNS change (like pointing to a new server during an outage). With a 24-hour TTL, the old record will be served from caches for up to 24 hours. Best practice is to lower TTLs before planned changes and have a standard playbook for emergency DNS updates.

How to Check

A DNS health checker shows the TTL for each of your DNS records. Review whether the values are appropriate for each record type. Critical records that may need to change quickly (A records, MX records) should not have excessively long TTLs.
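The review above and the "lower TTLs before planned changes" playbook, as an added example that is not DomainOptic's tooling: it audits a constructed sample zone offline and computes when a TTL must be lowered ahead of a cutover. The per-type ceilings in MAX_TTL_BY_TYPE are an assumption derived from the Quick Reference table on this page.

```python
"""Audit zone TTLs against per-type ceilings and plan a TTL lowering.

Added example, not DomainOptic's code. RECORDS is a constructed sample zone;
MAX_TTL_BY_TYPE is a hypothetical policy based on this page's Quick Reference
table (A/CNAME 1 hour, MX 4 hours, NS 24 hours).
"""
from datetime import datetime, timezone

# Hypothetical per-type ceilings in seconds; anything above is "excessively long".
MAX_TTL_BY_TYPE = {"A": 3600, "AAAA": 3600, "CNAME": 3600, "MX": 14400, "NS": 86400}
DEFAULT_MAX_TTL = 3600

# Constructed sample zone: (owner name, type, TTL seconds, rdata)
RECORDS = [
    ("example.test.", "A", 86400, "192.0.2.10"),
    ("www.example.test.", "CNAME", 300, "example.test."),
    ("example.test.", "MX", 3600, "10 mail.example.test."),
    ("example.test.", "NS", 86400, "ns1.example.test."),
]


def find_long_ttls(records, limits=MAX_TTL_BY_TYPE):
    """Return (name, type, ttl) for every record whose TTL exceeds its type's ceiling."""
    return [(name, rtype, ttl) for name, rtype, ttl, _ in records
            if ttl > limits.get(rtype, DEFAULT_MAX_TTL)]


def plan_ttl_lowering(current_ttl, new_ttl, cutover_epoch):
    """Return (latest_lowering_epoch, stale_until_epoch) for a planned change.

    A resolver that cached the record just before the TTL was lowered keeps
    serving it for current_ttl seconds, so the lowering must happen at least
    current_ttl seconds before the cutover.  Once every cache holds the new
    TTL, the old value can survive at most new_ttl seconds past the cutover.
    """
    return cutover_epoch - current_ttl, cutover_epoch + new_ttl


if __name__ == "__main__":
    for name, rtype, ttl in find_long_ttls(RECORDS):
        limit = MAX_TTL_BY_TYPE.get(rtype, DEFAULT_MAX_TTL)
        print(f"{name} {rtype} TTL {ttl}s exceeds {limit}s")
    cutover = int(datetime(2024, 6, 1, 12, 0, tzinfo=timezone.utc).timestamp())
    lower_by, stale_until = plan_ttl_lowering(86400, 300, cutover)
    fmt = lambda t: datetime.fromtimestamp(t, timezone.utc).isoformat()
    print(f"lower TTL no later than {fmt(lower_by)}; stale copies gone by {fmt(stale_until)}")
```

Running it flags the 24-hour A record and shows that, with a 24-hour TTL, the lowering has to land a full day before the cutover.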

Quick Reference

Scenario                        Recommended TTL
Stable production records       3600 (1 hour) to 86400 (24 hours)
Before planned DNS changes      300 (5 minutes)
During migration                60-300 seconds
CDN/load balancer targets       300-600 seconds
MX records                      3600-14400 seconds


Frequently Asked Questions

What TTL should I use for my DNS records?
For most records: 3600 seconds (1 hour) is a good default. For records you might need to change quickly: 300 seconds (5 minutes). For records that almost never change (like NS records): 86400 seconds (24 hours). Lower TTLs before planned migrations.
Does a lower TTL affect website performance?
Minimally. Lower TTLs mean more DNS queries, but DNS lookups are fast (typically under 50ms) and modern browsers cache DNS independently. The performance impact of a 300-second vs 3600-second TTL is negligible for most websites.
Key Takeaway: Set TTL based on how often the record changes. High TTL (hours) for stable records reduces DNS lookups. Low TTL (minutes) before planned changes enables fast rollback. Always lower TTL in advance of changes, not at the time of the change.
Disclaimer: DomainOptic provides automated informational scans only. Results do not constitute professional security advice, compliance certification, or a guarantee of security. Always verify findings independently.