Save yourself time: Set the JVM TTL for DNS name lookups in AWS


I like to keep track of times I’m one of the lucky 10,000. Had such an instance today with the JDK and DNS behavior.

Depending on how it is configured, the JDK caches successful DNS lookups indefinitely. The knob is the networkaddress.cache.ttl security property in java.security. It ships unset (commented out as -1, meaning "forever"); with a SecurityManager installed the JDK treats the unset value as forever and never re-resolves a name, and without one the implementation falls back to 30 seconds.

If that’s not surprising to you, I’m guessing you’ve had a weekend debugging session similar to mine. I can’t be the only one who didn’t know this. It feels like something I should have learned ages ago, but it took me 15 years of working with the JDK to finally stumble on the symptoms of it.

As far as I can tell, the default JDK behavior actually varies based on the distribution and version, but in most cases DNS lookups are infinite. I guess DNS entries don’t really change that often? In the world of CI/CD, the world just releases frequently enough that we never hit it? Unless you’re a poor sucker who routes traffic through an NLB that decides to change all of its IPs over a weekend.

So if you see sporadic SocketTimeoutExceptions when connecting to AWS services that seem to mysteriously come and go, the JVM is most likely still connecting to an address the service has stopped answering on: do yourself a favor and explicitly set the cache TTL. If you consume any DNS-addressed AWS services, you are probably running into this without knowing about it.

This must be well known, because apparently the AWS SDK for Java documentation explicitly calls it out and recommends a TTL of no more than 60 seconds. So RTFM I guess?

So if you’re running the JDK anywhere inside of AWS, save yourself hours of debugging and set the JVM’s DNS cache TTL explicitly. networkaddress.cache.ttl is a Java security property, not a JVM system property: it belongs in $JAVA_HOME/conf/security/java.security (jre/lib/security/java.security on JDK 8), or it can be set programmatically with java.security.Security.setProperty("networkaddress.cache.ttl", "5") before the application’s first name lookup. Anything from a few seconds up to the 60 seconds AWS recommends works, for example:

networkaddress.cache.ttl=5
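For the container image or AMI build where this setting usually lands, here is an added example (not from the original post, the JDK, or the AWS docs) that pins both the positive and the negative DNS cache TTL in a java.security file without duplicating the key. The property names are the JDK’s own; the file path in the usage comment and the sample file contents in the demo are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example: pin the JVM's DNS cache TTLs by editing a java.security file,
# e.g. from a Dockerfile RUN step or an AMI build script.
# Keys are the JDK's own: networkaddress.cache.ttl (successful lookups) and
# networkaddress.cache.negative.ttl (failed lookups). Handles a line that is
# present, commented out (the JDK ships "#networkaddress.cache.ttl=-1"), or absent.
#
# Usage: set_jvm_dns_ttl "$JAVA_HOME/conf/security/java.security" 60 10
#        (jre/lib/security/java.security on JDK 8)
set_jvm_dns_ttl() {
    file=$1
    ttl=${2:-60}        # AWS guidance: no more than 60 seconds
    neg_ttl=${3:-10}    # JDK default for negative caching is 10 seconds
    [ -f "$file" ] || { echo "set_jvm_dns_ttl: no such file: $file" >&2; return 1; }

    for kv in "networkaddress.cache.ttl=$ttl" "networkaddress.cache.negative.ttl=$neg_ttl"; do
        key=${kv%%=*}
        # Escape the dots so the key is matched literally in the regexes below.
        pat=$(printf '%s' "$key" | sed 's/\./\\./g')
        if grep -q "^#*[[:space:]]*${pat}=" "$file"; then
            # Rewrite every existing (possibly commented-out) occurrence in place.
            # Go through a temp file and cat back so the file's mode/owner survive.
            tmp=$(mktemp) || return 1
            sed "s|^#*[[:space:]]*${pat}=.*|${kv}|" "$file" > "$tmp" && cat "$tmp" > "$file"
            rm -f "$tmp"
        else
            printf '%s\n' "$kv" >> "$file"
        fi
    done
}

# Print the effective (uncommented) value of a key from a java.security file;
# prints nothing if the key is unset or only present as a comment.
get_jvm_security_prop() {
    pat=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s|^${pat}=||p" "$1" | tail -n 1
}

# Demo on a constructed snippet that mimics the shape of the JDK's shipped file.
demo_jvm_dns_ttl() {
    f=$(mktemp) || return 1
    printf '%s\n' '# constructed sample, not a real JDK file' \
                  '#networkaddress.cache.ttl=-1' \
                  'networkaddress.cache.negative.ttl=10' > "$f"
    set_jvm_dns_ttl "$f" 5 10
    get_jvm_security_prop "$f" networkaddress.cache.ttl
    rm -f "$f"
}
```

The script rewrites the commented-out default rather than appending a second line, so running it twice is safe and the last-value-wins ambiguity never arises. If you cannot touch the JDK’s files, java.security.Security.setProperty("networkaddress.cache.ttl", "...") early in main has the same effect as long as it runs before the first lookup; an explicit value is honoured whether or not a SecurityManager is installed, since the "forever" rule only applies when the property is unset.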
