DNS

What is TTL?

Also known as: Time To Live

Definition

A 32-bit count of seconds carried in every DNS resource record that limits how long a resolver or other cache may reuse a cached answer before it must query the authoritative server again.

Time To Live (TTL) is a numeric value, measured in seconds, carried in every DNS resource record. It tells recursive resolvers, operating-system stub caches and application (browser) caches how long they may serve that record without re-checking the authoritative name server. Once the TTL has elapsed the cached entry is treated as expired, and the next query for that name triggers a fresh lookup toward the authoritative servers.

Every resource record carries a TTL, including the commonly cached A, AAAA, CNAME, MX and NS types. Low values (e.g. 60 seconds) force frequent lookups, which lets DNS changes and failovers take effect quickly. High values (e.g. 86400 seconds, or 24 hours) reduce authoritative-server load and speed up responses for stable records. The SOA MINIMUM field was originally defined in RFC 1035 as the minimum TTL for every record in the zone and served as the zone's default TTL; RFC 2308 (DNS NCACHE) redefined it as the negative caching TTL, i.e. how long a resolver may cache an NXDOMAIN or NODATA answer, bounded by the SOA record's own TTL, and moved the default TTL into the explicit $TTL zone-file directive.

The TTL mechanism is fundamental to DNS performance and resilience. Without it, every lookup would have to go to the authoritative servers, overloading the root and TLD servers in particular. With it, distributed caching cuts latency and bandwidth. Most recursive resolvers also clamp received TTLs to a configurable maximum (Unbound's cache-max-ttl defaults to 86400 seconds, BIND's max-cache-ttl to one week) so that a mistakenly huge TTL cannot pin stale data in caches indefinitely, and many can enforce a minimum as well. Browsers keep their own short-lived host caches independent of the record's TTL, so an emergency change can still lag by a minute or so at the client.

Key facts

  • TTL is a 32-bit unsigned integer field in the resource record wire format, following the NAME, TYPE and CLASS fields and preceding RDLENGTH and RDATA.
  • RFC 2181 limits usable TTLs to 2147483647 seconds (about 68 years); a value with the high bit set is to be treated as 0. Practical values rarely exceed 86400 seconds.
  • The SOA MINIMUM field originally meant the minimum (default) TTL for records in the zone; RFC 2308 redefined it as the negative caching TTL and introduced the $TTL directive for the default.
  • CDN and load-balancing services often set TTL to 60–300 seconds to support fast rerouting during failures.
  • Browsers keep their own host caches with a short fixed lifetime (on the order of a minute) regardless of the record's TTL, because the operating system's getaddrinfo() interface does not return it.
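The wire format, the RFC 2181 high-bit rule and the RFC 2308 negative-cache rule described above, as an added example that is not code from the original page. It builds a DNS response message by hand (the query name, addresses and TTLs are constructed, 192.0.2.x being documentation space), parses the TTL out of each answer record, and applies a resolver-style cap and floor whose default values (86400 and 0) are assumptions, not any particular resolver's defaults.

```python
"""Pull the TTL out of a DNS response and work out how long a cache may keep it.
Added example, not code from the original page; the response message is built by hand below."""
import struct

RFC2181_TTL_LIMIT = 0x7FFFFFFF   # 2147483647 s; a set high bit means "treat as 0" (RFC 2181 §8)


def encode_name(name):
    """Wire-encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.strip(".").split("."))
    return out + b"\x00"


def build_response(qname, a_records):
    """Constructed sample response: one A question, answers compressed to point at it (0xC00C)."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, len(a_records), 0, 0)
    question = encode_name(qname) + struct.pack("!HH", 1, 1)      # QTYPE=A, QCLASS=IN
    answers = b""
    for ttl, ipv4 in a_records:
        rdata = bytes(int(o) for o in ipv4.split("."))
        # NAME (pointer), TYPE, CLASS, TTL (32-bit), RDLENGTH, RDATA
        answers += b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata
    return header + question + answers


def parse_name(msg, off):
    """Decode a possibly compressed name; return (name, offset just past it in the message)."""
    labels, end, jumped = [], off, False
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                                   # compression pointer
            if not jumped:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if jumped else off)


def parse_answers(msg):
    """Return the answer-section records as dicts; TTL is the 32-bit field after TYPE and CLASS."""
    qdcount, ancount = struct.unpack("!HH", msg[4:8])
    off = 12
    for _ in range(qdcount):
        _, off = parse_name(msg, off)
        off += 4                                                    # QTYPE + QCLASS
    records = []
    for _ in range(ancount):
        name, off = parse_name(msg, off)
        rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        records.append({"name": name, "type": rtype, "class": rclass,
                        "ttl": ttl, "rdata": msg[off:off + rdlength]})
        off += rdlength
    return records


def cache_lifetime(ttl, cache_max_ttl=86400, cache_min_ttl=0):
    """Seconds a resolver keeps the record: RFC 2181 high-bit rule, then the operator's cap/floor.
    The cap and floor defaults are assumptions for the example, not a real resolver's defaults."""
    if ttl > RFC2181_TTL_LIMIT:
        ttl = 0
    return max(cache_min_ttl, min(ttl, cache_max_ttl))


def negative_cache_ttl(soa_ttl, soa_minimum):
    """RFC 2308 §5: an NXDOMAIN/NODATA answer is cached for min(SOA TTL, SOA MINIMUM)."""
    return min(soa_ttl, soa_minimum)


# Constructed message: a normal 300 s record and one with the high bit set (0xFFFFFFFF).
SAMPLE = build_response("www.example.com", [(300, "192.0.2.10"), (0xFFFFFFFF, "192.0.2.11")])

if __name__ == "__main__":
    for rr in parse_answers(SAMPLE):
        print(rr["name"], "A", ".".join(map(str, rr["rdata"])),
              "ttl", rr["ttl"], "-> cache for", cache_lifetime(rr["ttl"]), "s")
    print("negative cache ttl:", negative_cache_ttl(3600, 86400))
```

The second answer shows why the high-bit rule matters: a naive cache would keep that record for 136 years, whereas a conforming resolver treats it as uncacheable. Parsing the owner name through the compression pointer is needed because real responses almost always compress the answer's NAME back to the question.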

How it works in practice

When an administrator needs to move a web server to a new IP address, they first lower the A record's TTL from its normal value (say 86400 seconds) to 60 seconds while leaving the address unchanged. They then wait at least one old TTL (here a full day) so that every cache holding the long-lived copy has expired and re-fetched the record with the short TTL. Only then do they change the address; from that moment every cache picks up the new one within about a minute, plus whatever minimum TTL individual resolvers enforce. Once the move is verified they raise the TTL back to 86400 seconds to cut resolver load, since a record with a very short TTL is re-resolved constantly and should not be left that way indefinitely.
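The timing of that procedure, worked through with a toy resolver cache as an added example (not part of the original page). The zone name, the two addresses (RFC 5737 documentation ranges) and the timeline in seconds are all constructed; the point it shows is that a cache which fetched the long-TTL record one second before the TTL was lowered still serves the old address for a full old TTL, so changing the address early leaves clients on the old host for almost a day.

```python
"""Cutover timing for a TTL change (added example, not code from the original page).
Times are seconds on a constructed timeline; the zone data is made up."""

OLD_IP, NEW_IP = "192.0.2.10", "198.51.100.20"   # RFC 5737 documentation addresses
NAME = "www.example.com"


class ResolverCache:
    """Minimal TTL-honouring cache: an entry is reused while expires_at > now."""

    def __init__(self):
        self.entries = {}

    def resolve(self, name, now, fetch):
        entry = self.entries.get(name)
        if entry and entry[1] > now:
            return entry[0]
        rdata, ttl = fetch(name, now)
        self.entries[name] = (rdata, now + ttl)
        return rdata


def make_authoritative(lower_at, change_at, old_ttl, new_ttl):
    """Authoritative server whose zone is edited twice: TTL lowered, then address changed."""
    def fetch(name, now):
        assert name == NAME
        ttl = new_ttl if now >= lower_at else old_ttl
        ip = NEW_IP if now >= change_at else OLD_IP
        return ip, ttl
    return fetch


def last_stale_answer(lower_at, change_at, old_ttl, new_ttl, fill_times, horizon):
    """Latest second at which any simulated cache still hands out OLD_IP after change_at.
    Each cache first queries at one of fill_times and re-queries whenever its entry expires."""
    fetch = make_authoritative(lower_at, change_at, old_ttl, new_ttl)
    caches = {f: ResolverCache() for f in fill_times}
    latest = None
    for t in range(horizon):
        for first_query, cache in caches.items():
            if t < first_query:
                continue
            if cache.resolve(NAME, t, fetch) == OLD_IP and t >= change_at:
                latest = t
    return latest


def plan_cutover(old_ttl, new_ttl, lower_at):
    """Earliest safe moment to change the address, and when every cache must have the new one."""
    change_at = lower_at + old_ttl
    return change_at, change_at + new_ttl


if __name__ == "__main__":
    fills = [0, 3599, 7200]          # caches that first resolve before and after the TTL drop
    hasty = last_stale_answer(3600, 3900, 86400, 60, fills, 90120)
    change_at, converged_by = plan_cutover(86400, 60, 3600)
    planned = last_stale_answer(3600, change_at, 86400, 60, fills, 90120)
    print(f"TTL lowered at t=3600, address changed at t=3900: old address served until t={hasty}")
    print(f"address changed at t={change_at} instead: old address last served at t={planned}, "
          f"every cache current by t={converged_by}")
```

The hasty run changes the address five minutes after lowering the TTL and the cache filled at t=3599 keeps answering with the old address until t=89998, almost 24 hours later. Waiting one old TTL before the change keeps the stale window inside the new 60-second TTL.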

Related terms

  • DNS Resource Record
  • SOA Record
  • Negative Caching
  • Recursive Resolver
  • DNS Cache Poisoning

More in DNS

A Record

A DNS resource record that maps a hostname to a 32-bit IPv4 address. It is the most fundamental record type for translating domain names to numeric addresses on the Internet.

AAAA Record

A DNS resource record that maps a hostname to a 128-bit IPv6 address, analogous to the A record for IPv4.

Authoritative DNS

An authoritative DNS server holds the definitive resource records for a specific domain and responds to queries with the final answer for that zone, not a cached copy.

CAA Record

A CAA (Certification Authority Authorization) DNS record lets domain owners specify which certificate authorities are permitted to issue SSL/TLS certificates for their domain.

CNAME Record

A DNS record that maps an alias hostname to the true or canonical hostname, allowing multiple names to resolve to the same IP address without duplicating A or AAAA records.

DNS

The Domain Name System (DNS) is a hierarchical, distributed naming system that translates human-readable domain names (like example.com) into IP addresses and other resource records used by internet protocols.

DNS Anycast

DNS Anycast uses one IP address served from multiple geographically distributed nameservers; queries are routed to the nearest or healthiest node, improving resilience and reducing latency.

DNS Caching

DNS caching stores resolved domain name query results for the specified TTL duration to avoid repeated queries to upstream authoritative servers.

DNS Hijacking

DNS hijacking is an attack or misconfiguration that returns forged DNS responses, causing users to connect to attacker-controlled hosts instead of the intended server.

DNSSEC

DNSSEC (DNS Security Extensions) adds cryptographic digital signatures to DNS records, enabling resolvers to verify that responses have not been tampered with or spoofed.
