Expose dns_respect_ttl option in MeshConfig

[leosarra]

See istio/istio#59555 for context

[istio-testing]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[istio-policy-bot]

😊 Welcome @leosarra! This is either your first contribution to the Istio api repo, or it's been
a while since you've been here.

You can learn more about the Istio working groups, Code of Conduct, and contribution guidelines
by referring to Contributing to Istio.

Thanks for contributing!

Courtesy of your friendly welcome wagon.

[ramaraochavali]

istio/istio#16173 - context on why we switched to respect_dns_ttl. If you do this as Mesh Config property, we would reverse that issue - May be you need it configurable per SE where you have problem? BTW, why is DNS TTL so low?

[istio-testing]

PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[leosarra]

istio/istio#16173 - context on why we switched to respect_dns_ttl. If you do this as Mesh Config property, we would reverse that issue - May be you need it configurable per SE where you have problem? BTW, why is DNS TTL so low?

Hey,
Apologies for the delay, I was on vacation over the past month.

If we are to expose dns_respect_ttl in SE then I think it would also make sense to expose also the DNS refresh rate as a configurable option inside ServiceEntries, instead of keeping it only at a global level. Also, maybe we should support both a global setting and a ServiceEntry specific option for this. WDYT?

As for the low DNS TTL, in our setup we run a cluster with CoreDNS and NodeLocal DNS, together with Istio (with SmartDNS enabled). Pods resolve names through NodeLocal DNS, where the TTL is intentionally kept low, as this is required for cluster.local services.

[howardjohn]

you could configure coredns to return a low ttl only for cluster.local if you wanted I think

…

On Mon, Apr 13, 2026 at 8:01 AM Leonardo Sarra ***@***.***> wrote: *leosarra* left a comment (istio/api#3678) <#3678 (comment)> Hello, Apologies for the delay, I was on vacation over the past month. If we are to expose dns_respect_ttl in SE then I think it would also make sense to expose also the DNS refresh rate as a configurable option inside ServiceEntries, instead of keeping it only at a global level. Also, maybe we should support both a global setting and a ServiceEntry specific option for this. WDYT? As for the low DNS TTL, in our setup we run a cluster with CoreDNS and NodeLocal DNS, together with Istio (with SmartDNS enabled). Pods resolve names through NodeLocal DNS, where the TTL is intentionally kept low, as this is required for cluster.local services. — Reply to this email directly, view it on GitHub <#3678 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAEYGXJGNPLQOXQJOJOMI4D4VT6LTAVCNFSM6AAAAACWZHT56GVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM2DEMZXGM4TANZVGE> . You are receiving this because your review was requested.Message ID: ***@***.***>