[dns-operations] Cloudflare people here ? Problematic records served from a Cloudflare hosted zone.
Viktor Dukhovni
ietf-dane at dukhovni.org
Fri Nov 21 11:39:14 UTC 2025
On Fri, Nov 21, 2025 at 12:17:45PM +0100, Winfried via dns-operations wrote:
> > > > multiple possible CNAME values for a same record leading to
> > > > possible resolver's cache pollution.
> > > > As the way to get one value or another is trivial, the way to
> > > > control the resolver cached value is trivial too.
>
> Please keep us informed if this case could cause problems for other resolver
> operators as well or is otherwise relevant to them.
What isn't clear from the original report is whether:
1. A single query response returns multiple CNAME records, or,
2. Several separate queries (possibly in quick succession) return
different CNAMEs for the same qname.
Of these, only "1" is a problem. There is nothing wrong with "2",
rapidly changing CNAMEs for the same qname are to be expected, DNS data
is not necessarily constant, or consistent across all authoritative
servers, ...
So which is it?
--
Viktor. 🇺🇦 Слава Україні!
More information about the dns-operations
mailing list