Large amount of TXT records on cisco.com causing truncation

Dan McCombs dmccombs at digitalocean.com
Wed Mar 6 21:50:31 UTC 2024


Hi all,

Is there anyone from Cisco on this mailing list?

I was looking through some queries earlier and noticed a large number of
cache misses on our infra for TXT queries for cisco.com. There are a lot of
TXT records there that look like a lot of possibly stale site/domain
verification entries, and I'm wondering if those could be cleaned up to
save the extra queries hitting your nameservers.

The cisco.com nameservers are responding with the TC flag set and no
answer, so clients querying via UDP keep missing cache before retrying over
TCP. It receives a fair amount of traffic with a lot of unnecessary UDP
queries because of that. I added a rule to dnsdist to respond with TC
directly for now in that case, but I'm sure it would help both themselves
and others to clean up those records since it's a popular domain.

Take care,

-Dan


Dan McCombs
Senior Engineer I - DNS
dmccombs at digitalocean.com
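
The truncation behaviour described in the message above, as an added example that is not part of the original post: Python that builds a TXT response in wire format and falls back to an empty TC=1 reply once the RRset no longer fits the UDP payload limit. The name example.com, the verification-style strings, the 300-second TTL and the 512/1232-byte limits are constructed assumptions, and the EDNS OPT record is not modelled.

```python
import struct

TC = 0x0200  # truncation bit in the DNS header flags word

def encode_name(name):
    """Encode a domain name as uncompressed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def txt_rdata(text):
    """TXT RDATA: one or more length-prefixed strings of at most 255 bytes."""
    raw = text.encode("ascii")
    chunks = [raw[i:i + 255] for i in range(0, len(raw), 255)] or [b""]
    return b"".join(bytes([len(c)]) + c for c in chunks)

def build_udp_response(qname, txts, udp_limit, ttl=300, qid=0x1234):
    """Return the full TXT answer, or an empty TC=1 reply if it exceeds udp_limit."""
    question = encode_name(qname) + struct.pack("!HH", 16, 1)  # TXT, IN
    answers = b""
    for text in txts:
        rdata = txt_rdata(text)
        # Owner name is a compression pointer to the question name at offset 12.
        answers += b"\xc0\x0c" + struct.pack("!HHIH", 16, 1, ttl, len(rdata)) + rdata
    flags = 0x8400  # QR=1 (response), AA=1 (authoritative)
    full = struct.pack("!6H", qid, flags, 1, len(txts), 0, 0) + question + answers
    if len(full) <= udp_limit:
        return full
    # Too large for UDP: TC set and no answer records, as the post describes.
    return struct.pack("!6H", qid, flags | TC, 1, 0, 0, 0) + question

def parse_header(msg):
    """Extract what a resolver needs to decide whether to retry over TCP."""
    _, flags, _, ancount, _, _ = struct.unpack("!6H", msg[:12])
    return {"tc": bool(flags & TC), "ancount": ancount, "size": len(msg)}

def make_txts(n):
    """Constructed sample data: n verification-style TXT strings of 67 bytes."""
    return [f"vendor{i:02d}-site-verification={'A' * 40}" for i in range(n)]

def max_records_over_udp(qname, udp_limit):
    """Largest RRset of the sample strings that still fits without truncation."""
    n = 0
    while not parse_header(build_udp_response(qname, make_txts(n + 1), udp_limit))["tc"]:
        n += 1
    return n

if __name__ == "__main__":
    for count in (5, 60):
        print(count, parse_header(build_udp_response("example.com", make_txts(count), 1232)))
    print("max RRset at 512/1232 bytes:",
          max_records_over_udp("example.com", 512), max_records_over_udp("example.com", 1232))
```

With the constructed 67-byte strings, 15 records fit in 1232 bytes; a 16th turns every UDP query into a 29-byte TC reply followed by a TCP retry.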