3
1
l0b0
Posted 2014-08-27T15:32:33.680
Reputation: 6 306
How to set NX TTL in CloudFlare?
Answers
2
It is controlled by the "negative TTL" field (last field) in the SOA record for the zone in question. Can't help you more since you didn't provide any domain name(s).
Edit --
But as an example, if the domain name is something-of-yours.cloudflare.com, here's where the non-existent cache value comes from (below). It's the last value returned in the SOA record, that is the negative-caching TTL field, and it's 3600 (seconds) = 1 hour in this case.
Whoever is the admin for the zone cloudflare.com (first field ot the SOA) controls this value, and the e-mail address is apparently dns@cloudflare.com.
Notice there is no "NX" record returned, there's no such thing.
$ dig something-of-yours.cloudflare.com
; <<>> DiG 9.10.0rc2-1+b1-Debian <<>> something-of-yours.cloudflare.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51707
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;something-of-yours.cloudflare.com. IN A
;; AUTHORITY SECTION:
cloudflare.com. 3600 IN SOA ns3.cloudflare.com. dns.cloudflare.com. 2020742566 10000 2400 604800 3600
;; Query time: 121 msec
milli
Posted 2014-08-27T15:32:33.680
Reputation: 1 682
0
The answer unfortunately is that Cloudflare does not allow the NX TTL to be changed. Today, the value is 1 hour.
$ dig soa my-domain-on-cloudflare.com
; <<>> DiG 9.10.6 <<>> soa my-domain-on-cloudflare.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59079
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;my-domain-on-cloudflare.com. IN SOA
;; ANSWER SECTION:
my-domain-on-cloudflare.com. 3600 IN SOA daisy.ns.cloudflare.com. dns.cloudflare.com. 2030614699 10000 2400 604800 3600
;; Query time: 38 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Apr 05 12:16:45 EDT 2019
;; MSG SIZE rcvd: 102
Robin Daugherty
Posted 2014-08-27T15:32:33.680
Reputation: 260
Thanks, but why would the specific domain name matter if it's all managed by CloudFlare? – l0b0 – 2014-08-28T11:56:42.230
The SOA record goes with in the zone in question. Check the first answer here, it might help... notice the zone is specified (stackoverflow.com)... http://serverfault.com/questions/69183/recommended-dns-soa-record-ttl-default Even if CloudFlare is managing the zone, there's still an SOA record, and if you have control over it, that's where you set the NXDOMAIN TTL.
– milli – 2014-09-02T02:30:31.000Downvoting this. You're right in the very general sense, but OP had specifically asked about CloudFlare. It seems that for now there's no way to control the SOA record there (I've looked but haven't found any field in web interface for this, and linked API doesn't permit "SOA" as a valid
typeeither). – drdaeman – 2016-02-16T00:53:06.067The specific domain name matters because that determines what DNS zone the name falls in and thus the corresponding SOA record that matters for the negative-caching TTL setting. There is no such thing as an NX record in DNS, only the negative-caching TTL and that's a field in the zone SOA record. I'll update my answer with more detali... – milli – 2016-02-22T18:04:51.913
2Cloudflare manages the SOA record automatically and thus you have no control in their "negative TTL" from their SOA records. I think managing the SOA record automatically is a good idea because it's mainly a technical thing. But not giving customers the control of the negative TTL is a bummer. – joonas.fi – 2017-01-19T18:07:14.783