On Jan 30, 2008 5:59 PM, <[EMAIL PROTECTED]> wrote:
>
> On Wed, 30 Jan 2008 17:18:16 EST, Dude VanWinkle said:
> > On Jan 30, 2008 4:03 PM, Gadi Evron <[EMAIL PROTECTED]> wrote:
> > > I was somewhat involved, so can vouch this is serious work.
> >
> > I guess it would be a bad idea to block traffic based on the ttl and
> > expiry of records with less than x seconds then..
>
> Some of us drop the TTL on things a week or so before a hardware move to a new
> IP address, so you don't keep a stale cached value around after we do the
> move..
>
> For some things, we've gone down to 300 or even 60 seconds (having phone calls
> for 3600 seconds after you move www.your-domain. tends to make the help desk
> people seriously consider doing Bad Things to your car - and if you haven't
> outsourced your help desk, they probably know what kind of car you drive. ;)

I drop the ttl/expiry to 5 min right before an IP change. If the ttl was 2 weeks then I drop the ttl/expiry to 1 day up until 1 day before, in which I drop it to 5 min, then do the changeover after 24 hours.

That's why I put the ;-), it would be a good idea if it wasn't infeasible.

Also why I said seconds and not minutes (O_o)

-JP

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
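
The ramp-down described in the reply above, worked through as an added example that is not part of the original posts: it computes when each TTL change has to be published so the previous, longer TTL has expired everywhere before the next step, and how long a "block TTL < x" rule would match the zone while it does so. The function names and the cutover date are assumptions made for illustration; the 2 week, 1 day and 5 min values are the ones from the message.

```python
from datetime import datetime, timedelta

def plan_ttl_rampdown(cutover, current_ttl, steps=(86400, 300)):
    """Work backwards from the cutover: a lowered TTL is only guaranteed to be
    what every resolver holds once the previous, longer TTL has expired."""
    # Keep only steps that actually lower the TTL, longest first.
    ladder = sorted((s for s in steps if s < current_ttl), reverse=True)
    previous = [current_ttl] + ladder[:-1]  # TTL in force before each change
    plan, deadline = [], cutover
    for new_ttl, old_ttl in reversed(list(zip(ladder, previous))):
        deadline -= timedelta(seconds=old_ttl)  # wait out the old TTL
        plan.append((deadline, new_ttl))
    return list(reversed(plan))

def low_ttl_exposure(plan, cutover, threshold):
    """Seconds before cutover during which the published TTL is below
    `threshold`, i.e. how long a 'block TTL < x' rule would match this zone."""
    for when, ttl in plan:
        if ttl < threshold:
            return int((cutover - when).total_seconds())
    return 0

if __name__ == "__main__":
    cutover = datetime(2008, 2, 15, 12, 0)   # constructed example date
    plan = plan_ttl_rampdown(cutover, current_ttl=14 * 86400)
    for when, ttl in plan:
        print(f"{when:%Y-%m-%d %H:%M}  publish TTL {ttl}s")
    print(f"{cutover:%Y-%m-%d %H:%M}  change the A record")
    # A filter dropping answers with TTL < 600s would hit this zone for a day.
    print("matched by 'TTL < 600' for", low_ttl_exposure(plan, cutover, 600), "s")
```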
