[dns-operations] Cloudflare people here ? Problematic records served from a Cloudflare hosted zone.
Joe Abley
jabley at strandkip.nl
Thu Nov 20 18:07:29 UTC 2025
Hi Emmanuel,
On 20 Nov 2025, at 16:53, Emmanuel Fusté <manu.fuste at gmail.com> wrote:
> With a colleague we found by accident read world records served by Cloudflare DNS which are breaking the DNS data model: multiple possible CNAME values for a same record leading to possible resolver's cache pollution.
> As the way to get one value or another is trivial, the way to control the resolver cached value is trivial too.
> We did not find how Cloudflare DNS features and zone content where used/combined to generate this behavior which is surely unexpected for the zone operator.
> Is there some Cloudflare people here to whom I could provide the zone/records details to see if it is an expected/assumed behavior or a subtle corner case bug ?
There are a few of us here. Feel free to ping me off-list!
Joe
More information about the dns-operations
mailing list