[dns-operations] Surprising behaviour by certain authoritative name servers

Mukund Sivaraman muks at mukund.org
Wed Jan 8 14:51:47 UTC 2020


On Wed, Jan 08, 2020 at 08:15:50PM +0530, Mukund Sivaraman wrote:
> On Tue, Jan 07, 2020 at 12:20:01PM +0000, Niall O'Reilly wrote:
> > What's surprising is that an authoritative name server
> > shows both a decremented TTL value (as if it were answering
> > from cache) and the AA flag.
> 
> These days, another kind of authoritative nameservice seems to have
> arrived - the "reverse proxy" idea adapted to DNS. It may forward an
> authoritative query upstream, cache the result and return an
> authoritative answer counting down the TTL. We know this scheme well as
> a forwarder during resolution, but it appears it's being used in
> authoritative service too.

... as a CDN service where the reverse proxy (forwarder) nameserver and
the "master" nameserver are far away, and in different administration
domains.



More information about the dns-operations mailing list