[dns-operations] Surprising behaviour by certain authoritative name servers
Nico CARTRON
nicolas at ncartron.org
Tue Jan 7 13:02:38 UTC 2020
Hi Niall,
On 07-Jan-2020 13:20 CET, <niall.oreilly at ucd.ie> wrote:
> Hi.
>
> I've had my attention drawn to some surprising behaviour by
> certain authoritative name servers. I'm not sure how best
> to categorize this behaviour, and wonder how some of you
> might view it.
>
> What's surprising is that an authoritative name server
> shows both a decremented TTL value (as if it were answering
> from cache) and the AA flag.
>
> I'm not sure which of the following labels is the best fit
> for this behaviour:
>
> - normal and expected (but so far outside my experience),
> - strange but harmless,
> - downright wrong.
>
> Thanks in advance to whomever is minded to reply.
could it be dnsdist in front of an Authoritative,
with the `dontAge` setting of newPacketCache set to false?
> Thanks especially to Mats Dufberg who, diligently
> investigating what I had mistakenly guessed was a problem
> in zonemaster, took time to identify, and make me aware of,
> what was causing occasional trouble reports.
>
> Niall
--
Nico
More information about the dns-operations
mailing list