TTL: The Cache Timer
Every DNS record carries a TTL (Time To Live) value — a number in seconds that tells caching resolvers how long to store the record before discarding it and fetching a fresh copy. When your recursive resolver gets a DNS answer, it starts a countdown. When the countdown hits zero, the cached entry is expired and the next query for that name triggers a fresh lookup from the authoritative nameserver.
TTL is set by the domain owner in their DNS zone file, not by the resolver. You control it in your DNS provider's dashboard. The resolver is simply obligated to respect it — though some resolvers apply a minimum floor (commonly 30–60 seconds) and some ISP resolvers ignore short TTLs entirely and cache for longer than instructed.
Understanding TTL is essential for anyone who manages DNS records. It directly determines how quickly your changes take effect across the internet, and how much load you put on your nameservers. A TTL of 60 means any resolver with clients asking for that record re-queries your nameserver as often as once a minute. A TTL of 86400 means each resolver queries at most once per day.
How TTL Affects DNS Propagation
When you update a DNS record, the change is immediate on your authoritative nameserver. But millions of resolvers around the world are holding a cached copy of the old record. They will not fetch the new value until their cached copy expires — which happens after the TTL of the old record elapses, not the new one.
This is the core of why "DNS propagation" takes time. If your A record previously had a TTL of 86400 (24 hours), a resolver that cached it just before your change will serve the old IP address for up to 24 hours. A resolver that cached it 23 hours ago will pick up the change within an hour. Different resolvers around the world cached the record at different times, which is why propagation is gradual rather than instantaneous.
The practical implication: before making a significant DNS change (migrating servers, changing a CDN, moving email providers), lower the TTL of the affected records well in advance. Let the lower TTL propagate — which itself takes up to the current TTL — and then make your change. This dramatically shrinks the propagation window.
Typical TTL Values and Their Use Cases
| TTL Value | Time | Best For |
|---|---|---|
| 60 | 1 minute | Records about to change; active traffic migrations; failover scenarios |
| 300 | 5 minutes | Dynamic infrastructure; records that change a few times per year |
| 3600 | 1 hour | Standard default for most web records (A, AAAA, CNAME) |
| 86400 | 24 hours | Stable records that rarely change: NS, MX, SOA |
There is no universally correct TTL. The right value depends on how often the record changes and how quickly you need changes to take effect. For most production web hosting records, 3600 (one hour) strikes a good balance. For NS records — which almost never change — 86400 is appropriate and reduces resolver load. For anything you may need to change quickly in an emergency, keep TTL at 300 or lower.
The TTL Change Strategy: Lowering Before Moving
The professional approach to any major DNS change is a two-phase process. First, reduce the TTL of the affected records to a low value — typically 300 or 60 seconds. Then wait for the original (high) TTL to expire across all resolvers. Only then make the actual IP or value change.
For example: your A record currently has a TTL of 86400. You plan to move your server to a new IP in three days. Today, change the TTL to 300. Wait 24+ hours for all resolvers to see the new short TTL. Now when you update the A record to the new IP, the entire world will pick up the change within 5 minutes instead of 24 hours.
After the migration is complete and stable, raise the TTL back to a comfortable value like 3600. Running permanently at 60 is unnecessary and increases load on your nameservers for no practical benefit once the migration is done.
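The two-phase strategy above can be checked with a small model. This is an added example, not part of the original article: it simulates busy resolvers that first cached the record at different times and reports how long the slowest one keeps serving the old IP after the cutover. The cutover time, the 1000-second spacing between resolvers and all function names are assumptions made for illustration.

```python
OLD_TTL, LOW_TTL = 86400, 300   # TTLs from the article's example
CUTOVER = 4 * OLD_TTL           # constructed: moment the A record's IP changes

def ttl_schedule(lowered_at=None, old=OLD_TTL, low=LOW_TTL):
    """Return ttl_at(t): the TTL the authoritative server hands out at time t."""
    def ttl_at(t):
        return low if lowered_at is not None and t >= lowered_at else old
    return ttl_at

def fetch_times(first_fetch, ttl_at, until):
    """Times at which one busy resolver refetches. Each cached copy lives for
    the TTL it was fetched with, so the old TTL governs the next expiry."""
    t, times = first_fetch, []
    while t < until:
        times.append(t)
        t += ttl_at(t)
    times.append(t)             # first fetch at or after `until`
    return times

def stale_seconds(first_fetch, ttl_at, cutover=CUTOVER):
    """Seconds after the cutover that this resolver still serves the old IP."""
    return fetch_times(first_fetch, ttl_at, cutover)[-1] - cutover

def worst_case(ttl_at, phases=range(0, OLD_TTL, 1000)):
    """Worst stale window over resolvers that first cached at different times."""
    return max(stale_seconds(p, ttl_at) for p in phases)

def remaining_ttl(first_fetch, ttl_at, now):
    """TTL a resolver reports at `now` (now >= first_fetch): TTL minus copy age."""
    last = [t for t in fetch_times(first_fetch, ttl_at, now + 1) if t <= now][-1]
    return ttl_at(last) - (now - last)

if __name__ == "__main__":
    print("no lowering:       ", worst_case(ttl_schedule()))
    print("lowered 24h ahead: ", worst_case(ttl_schedule(CUTOVER - OLD_TTL)))
    print("lowered 1h ahead:  ", worst_case(ttl_schedule(CUTOVER - 3600)))
```

Lowering the TTL only an hour ahead leaves the worst case close to the old TTL, because most resolvers still hold a copy fetched with the 86400-second value.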
TTL in Other Protocols (IP, TCP, Ping)
TTL appears in a completely different context in IP networking. In an IPv4 packet header, TTL is an 8-bit counter (maximum value 255) that is decremented by 1 at each router hop. When TTL reaches zero, the router discards the packet and sends an ICMP Type 11 "Time Exceeded" message back to the sender. This mechanism prevents packets from looping forever on a misconfigured network.
The ping command reports TTL in its output — the TTL value shown is what remains in the response packet when it arrives back at your machine, not the original value. A ping response showing TTL 56 from a host that starts at 64 means the packet traversed 8 hops. Traceroute exploits this same mechanism deliberately, sending packets with incrementally increasing TTL to map each hop.
Despite sharing the name, DNS TTL and IP TTL are entirely separate concepts operating at different layers. DNS TTL is a cache expiry measured in seconds; IP TTL is a hop counter measured in router hops.
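The hop-counter behaviour described in this section, as an added example that is not part of the original article: it models routers decrementing the IP TTL, then walks a traceroute over a constructed three-router path. The addresses are documentation-range placeholders, and the function names and the initial reply TTL of 64 are assumptions.

```python
# Constructed path: documentation-range addresses, not real hosts.
PATH = ["192.0.2.1", "198.51.100.1", "203.0.113.1"]   # routers, in order
DEST = "203.0.113.80"                                  # destination host
DEFAULT_TTL = 64                                       # assumed initial TTL of replies

def forward(path, ttl):
    """Carry a packet along `path`. Each router decrements TTL by 1 and drops
    the packet when it reaches zero, answering with ICMP Time Exceeded."""
    for router in path:
        ttl -= 1
        if ttl == 0:
            return ("time-exceeded", router, None)
    return ("delivered", None, ttl)

def send_probe(ttl, path=PATH, dest=DEST):
    """Return (responder, kind, ttl_seen_by_sender) for one probe."""
    status, router, _ = forward(path, ttl)
    if status == "time-exceeded":
        return (router, "time-exceeded", None)
    # The echo reply starts at DEFAULT_TTL and crosses the same routers back.
    _, _, remaining = forward(list(reversed(path)), DEFAULT_TTL)
    return (dest, "echo-reply", remaining)

def traceroute(max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... and record who answers each one."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        responder, kind, _ = send_probe(ttl)
        hops.append((ttl, responder))
        if kind == "echo-reply":
            break
    return hops

def hops_from_reply(observed_ttl, initial_ttl=DEFAULT_TTL):
    """Routers crossed by a reply: initial TTL minus the TTL that arrived."""
    return initial_ttl - observed_ttl

if __name__ == "__main__":
    for ttl, responder in traceroute():
        print(ttl, responder)
    print("ping reply TTL:", send_probe(DEFAULT_TTL)[2])
```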
Frequently Asked Questions
What does TTL stand for in DNS?
TTL stands for Time To Live. In DNS, it is a value in seconds attached to each record that tells caching resolvers how long to hold the record before discarding it and fetching a fresh copy from the authoritative nameserver.
How long does DNS propagation take?
DNS propagation time is bounded by the TTL of the record you changed. If the old record had a TTL of 86400 seconds (24 hours), resolvers that cached it just before your change will continue serving the old value for up to 24 hours. There is no fixed propagation time — it depends entirely on the previous TTL.
What is a good default TTL for DNS records?
For most stable records (A, AAAA, MX), a TTL of 3600 seconds (1 hour) is a reasonable default. For records that change frequently, 300 seconds is better. For very stable records like NS entries, 86400 seconds (24 hours) reduces nameserver load.
Does lowering TTL actually speed up propagation?
Yes, but only for future changes. When you lower the TTL on a record, resolvers honor the new shorter TTL after their current cached copy expires. If you lower the TTL from 86400 to 300, you must wait up to 24 hours for that shorter TTL to take effect everywhere — then your next change propagates within 5 minutes.
What does TTL mean in an IP packet?
In an IP packet, TTL is a hop counter in the IP header decremented by 1 at each router. When it reaches zero, the router discards the packet and sends an ICMP Time Exceeded message. This prevents packets from circulating forever. It is unrelated to DNS TTL despite sharing the name.
Why do different resolvers show different TTL values?
Resolvers show the remaining TTL on a cached record, not the original TTL. If a record has a TTL of 3600 and a resolver cached it 1000 seconds ago, it reports a remaining TTL of 2600. Different resolvers cached the record at different times, so they all report different remaining values.