TTL controls caching duration for DNS records and limits packet propagation in networks, balancing performance with update speed.
DNS TTL
- Specifies how long resolvers should cache a DNS record (in seconds).
- Lower TTL = faster propagation of changes, more DNS queries.
- Higher TTL = better caching performance, slower change propagation.
- Typical values: 300 (5 min) to 86400 (24 hours).
Common TTL strategies
- Before changes: Lower the TTL to 300 seconds 24-48 hours before the change, so that cached copies with the old, longer TTL have expired by the time the record changes.
- During migration: Keep the TTL low until the change has been verified end to end.
- Steady state: Increase TTL for frequently queried, stable records.
- High availability: Lower TTL for records that may need quick failover.
TTL for different scenarios
; Low TTL (5 min) - frequent changes expected
example.com. 300 IN A 192.0.2.1
; Medium TTL (1 hour) - balanced approach
example.com. 3600 IN MX 10 mail.example.com.
; High TTL (24 hours) - stable records
example.com. 86400 IN NS ns1.example.com.
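The records above and the "lower the TTL in advance" strategy can be turned into a concrete schedule. The following Python is an added example written for this glossary entry, not code from the page's author: it parses zone-file lines of the form shown above (the sample zone and the change date are constructed) and computes when the low TTL must be published, when the change converges, and how long old answers would have lingered without the lowering step. The record format, the `Record`/`ChangePlan` classes and the `plan_change` function are this example's own assumptions.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample data mirroring the three records above; ';' starts a
# comment, as in RFC 1035 zone files.
SAMPLE_ZONE = """\
; Low TTL (5 min) - frequent changes expected
example.com. 300 IN A 192.0.2.1
; Medium TTL (1 hour) - balanced approach
example.com. 3600 IN MX 10 mail.example.com.
; High TTL (24 hours) - stable records
example.com. 86400 IN NS ns1.example.com.
"""

# Constructed maintenance window used by the demo and the checks below.
CHANGE_AT = datetime(2024, 6, 1, 12, 0, tzinfo=timezone.utc)

RECORD_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.+)$")


@dataclass
class Record:
    name: str
    ttl: int      # seconds a resolver may cache this record
    rtype: str
    rdata: str


def parse_zone(text):
    """Parse 'name TTL IN TYPE rdata' lines, ignoring ';' comments and blanks."""
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        m = RECORD_RE.match(line)
        if m is None:
            raise ValueError(f"unparseable record line: {raw!r}")
        name, ttl, rtype, rdata = m.groups()
        records.append(Record(name, int(ttl), rtype, rdata.strip()))
    return records


@dataclass
class ChangePlan:
    lower_ttl_at: datetime               # publish the record with the low TTL
    change_at: datetime                  # the record data itself changes
    converged_at: datetime               # no compliant resolver serves old data after this
    converged_without_lowering: datetime # the same deadline had the TTL not been lowered


def plan_change(record, low_ttl, change_at, lead_hours=24):
    """Schedule a change to `record` using the lower-TTL-in-advance strategy.

    A resolver that fetched the record just before the lowering keeps it, with
    the old TTL, for record.ttl seconds, so the low TTL must be live at least
    that long before the change. The lead time is therefore the larger of
    `lead_hours` and the record's current TTL.
    """
    lead = max(timedelta(hours=lead_hours), timedelta(seconds=record.ttl))
    return ChangePlan(
        lower_ttl_at=change_at - lead,
        change_at=change_at,
        converged_at=change_at + timedelta(seconds=low_ttl),
        converged_without_lowering=change_at + timedelta(seconds=record.ttl),
    )


if __name__ == "__main__":
    ns = next(r for r in parse_zone(SAMPLE_ZONE) if r.rtype == "NS")
    plan = plan_change(ns, low_ttl=300, change_at=CHANGE_AT)
    for field, value in vars(plan).items():
        print(f"{field:28} {value:%Y-%m-%d %H:%M} UTC")
```

For the 86400-second NS record the plan lowers the TTL a full day ahead (the current TTL overrides a shorter lead), and old answers are gone five minutes after the change instead of a day later; this is the delay the security section refers to when it warns that long TTLs slow down security-related changes.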
Network/IP TTL
- Limits how many router hops a packet can traverse.
- Decremented by 1 at each router; packet discarded at 0.
- Prevents routing loops from circulating packets indefinitely.
- Used by traceroute to map network paths.
Security implications
- Long DNS TTL delays propagation of security-related changes.
- Attackers may time attacks around TTL expiration for cache poisoning.
- IP TTL manipulation is used in OS fingerprinting and in evasion techniques.
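To make the hop-count behaviour above concrete (per-router decrement, discard at 0, loop termination, traceroute's incremental probing) and the passive hop-distance inference behind the fingerprinting point just mentioned, here is an added Python simulation written for this entry, not code from the page's author or from any traceroute implementation. Router names are constructed, and the table of common initial TTL values is the simulation's own assumption.

```python
from itertools import cycle

# Common initial TTLs set by sending operating systems (assumption for this
# example): 64 for Linux/macOS, 128 for Windows, 255 for many network devices.
INITIAL_TTLS = (64, 128, 255)


def forward(ttl, routers):
    """Carry a packet through `routers`, decrementing TTL by 1 at each one.

    Returns (delivered, dropped_at). delivered is True if the packet leaves the
    last router with TTL > 0; otherwise dropped_at names the router that
    discarded it (in a real network, the one that sends ICMP Time Exceeded).
    """
    for router in routers:
        ttl -= 1
        if ttl <= 0:
            return False, router
    return True, None


def traceroute(routers, max_hops=30):
    """Map a path the way traceroute does: probe with TTL 1, 2, 3, ... and
    record which router reports Time Exceeded until a probe gets through."""
    discovered = []
    for ttl in range(1, max_hops + 1):
        delivered, dropped_at = forward(ttl, routers)
        if delivered:
            return discovered
        discovered.append(dropped_at)
    return discovered  # destination not reached within max_hops


def hops_until_discard(ttl, loop_routers):
    """Simulate a routing loop: the packet circulates among loop_routers until
    TTL reaches 0. Without the TTL decrement this would never terminate."""
    if ttl <= 0:
        return 0
    forwards = 0
    for _router in cycle(loop_routers):
        ttl -= 1
        forwards += 1
        if ttl == 0:
            return forwards


def estimate_hop_distance(observed_ttl):
    """Infer how many routers a received packet crossed, assuming the sender
    started from one of INITIAL_TTLS. Returns (assumed_initial_ttl, hops).

    Defenders use this passively: a packet whose TTL implies a hop distance
    that does not fit its claimed source is an indicator of spoofing.
    """
    if not 1 <= observed_ttl <= 255:
        raise ValueError("IP TTL must be in 1..255")
    for initial in INITIAL_TTLS:
        if observed_ttl <= initial:
            return initial, initial - observed_ttl
    raise AssertionError("unreachable: 255 is the largest initial TTL")


if __name__ == "__main__":
    # Constructed router names for the demo path.
    path = ["r1.access.example", "r2.core.example", "r3.transit.example"]
    print("traceroute:", traceroute(path))
    print("loop discarded after", hops_until_discard(64, path), "forwards")
    print("observed TTL 52 ->", estimate_hop_distance(52))
```

Note that the inference in `estimate_hop_distance` is only as good as its table of initial values, which is exactly why an adversary who rewrites the TTL can mislead it; treat a hop-distance mismatch as a signal to correlate with other evidence rather than as proof on its own.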