[dns-operations] Surprising behaviour by certain authoritative name servers
Winfried Angele
abang at t-ipnet.net
Tue Jan 7 13:00:54 UTC 2020
Hi Niall,
Assumption:
Possibly a wrong configured dnsdist [1] cache [2] in front of the
authoritative name server. If you miss the "dontAge" switch, that's
exactly the effect you'll have.
Winfried
[1] https://dnsdist.org/
[2]
https://dnsdist.org/reference/config.html?highlight=dontAge#newPacketCache
Am 07.01.2020 um 13:20 schrieb Niall O'Reilly:
>
> Hi.
>
> I've had my attention drawn to some surprising behaviour by
> certain authoritative name servers. I'm not sure how best
> to categorize this behaviour, and wonder how some of you
> might view it.
>
> What's surprising is that an authoritative name server
> shows both a decremented TTL value (as if it were answering
> from cache) and the AA flag.
>
> I'm not sure which of the following labels is the best fit
> for this behaviour:
>
> * normal and expected (but so far outside my experience),
> * strange but harmless,
> * downright wrong.
>
> Thanks in advance to whomever is minded to reply.
>
> Thanks especially to Mats Dufberg who, diligently
> investigating what I had mistakenly guessed was a problem
> in zonemaster, took time to identify, and make me aware of,
> what was causing occasional trouble reports.
>
> Niall
>
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200107/15cda6e4/attachment.html>
More information about the dns-operations
mailing list