best cache config

[LexterS999]

Can you make this cache setting by default for all? Battle tested. I think it will be good for newbies

[ShreyasZare]

Thanks for the post. These values may be ok for your scenario but the defaults in DNS server have been selected based on certain reasons and are valid for most general use cases.

[LexterS999]

I know, but it's not only battle tested on me. I'm also given it for some companies and individuals. So it's tested on scale too.

[ShreyasZare]

Well, the settings you are recommending is just your for your scenario and will have issues.

For example, server stale TTL is recommended to be 3 days since if a domain's name server fail over a weekend, it may take up to 3 days to get fixed so the DNS resolver in such cases will use the stale data from cache to make the domain work for its users. Setting it to 1 day will save you cache memory but that's just your scenario where in you are willing to make such domain names fail to resolve after a day.

Cache maximum entries value is just how much RAM you are willing to give to the DNS server so it depends on your hardware.

Cache minimum TTL set to 10 minutes will make dynamic DNS records that are usually updated every minute fail for 10 mins when the domain's IP gets changed.

Cache maximum TTL set to 1 hr will cause all NS records which usually have 1 day TTL to expire causing the DNS server to frequently resolve them. For a lot of domain names, the NS records do not come with glue addresses and are required to be resolved separately. This will just cause delays in resolving domain names when NS records are expiring fast.

Prefetch trigger value is aligned to the internal timer's interval so the default value is optimal.

Setting auto prefetch eligibility to a lower value will cause a lot of domain names that are not frequently queries to qualify be kept refreshing. This will cause the number of domain names in the refresh queue to increase significantly. This will just increase the time it takes to refresh the domain names so frequently queried domain names may not get refreshed in time.