Minimum FQDN Refresh Time (sec) | Set a limit on how fast the firewall refreshes
FQDNs that it receives from a DNS. The firewall refreshes an FQDN
based on the TTL of the FQDN as long as the TTL is greater than
or equal to this Minimum FQDN Refresh Time (in
seconds). If the TTL is less than this Minimum FQDN Refresh Time,
the firewall refreshes the FQDN based on this Minimum FQDN Refresh
Time (that is, the firewall does not honor TTLs faster than this setting).
The timer starts when the firewall receives a DNS response from
the DNS server or DNS proxy object resolving the FQDN (range is
0 to 14,400; default is 30). A setting of 0 means the firewall
refreshes the FQDN based on the TTL value in the DNS and does not
enforce a minimum FQDN refresh time.
If the TTL for the FQDN in the DNS is short, but the FQDN resolutions
don’t change as frequently as the TTL timeframe and so don’t require
a faster refresh, you should set a Minimum FQDN Refresh Time to avoid
unnecessary FQDN refresh attempts.
|