Recently, two entities have asked us to help them host their DNS zones and in both cases, we were happy to oblige. One of them was the Czech neutral peering node NIX.CZ, with which we often share technical know-how and help each other when it makes sense. The other one was the domain register of Guatemala operating the .gt ccTLD, which we humored as part of our long-term support of developing registers, like we have done the case with the registers of Angola, Malawi, Tanzania or North Macedonia.
At the beginning of 2017, we started working on a project of augmenting infrastructure of authoritative DNS servers that keep the .CZ domain running. Our main motivation was to increase the resiliency of the DNS infrastructure against DDoS attacks – the risk that is constantly growing. The basic building unit of the new DNS infrastructure is the so-called “DNS stack”.
In mid-February we informed about Reducing TTL in the .cz zone by one hour. Then, at a similar hour every Wednesday, we reduced it by another hour, until on March 15, 2017 we reached the required value of 1 hour (i.e. TTL=3600).