This value controls negative caching time which is how long a resolver will cache a NXDOMAIN Name Error. The maximum value allowed by RFC 2308 for this parameter is 24 hours (86400 seconds).
The NXDOMAIN Value is how long the system will provide a non-existent domain name response via caching in the event something such as a domain name registration expiration. This value is also helpful in preventing problems such as DNS hijacking of our domain controls.
Negative caching is useful as it reduces the response time for
negative answers. It also reduces the number of messages that have
to be sent between resolvers and name servers hence overall network
The most common negative responses indicate that a particular RRset
does not exist in the DNS. The first sections of this document deal
with this case. Other negative responses can indicate failures of a
nameserver, those are dealt with in section 7 (Other Negative
As with caching positive responses it is sensible for a resolver to
limit for how long it will cache a negative response as the protocol
supports caching for up to 68 years. Such a limit should not be
greater than that applied to positive answers and preferably be
tunable. Values of one to three hours have been found to work well
and would make sensible a default. Values exceeding one day have
been found to be problematic. [RFC2308]
This field was previously used as described by RFC 1035 as MINIMUM which was "The unsigned 32 bit minimum TTL field that should be exported with any RR from this zone."