[dns-operations] Also any Microsoft CDN people here?
Peter Thomassen
peter at desec.io
Thu Nov 27 22:11:58 UTC 2025
Hi Gavin,
On 11/27/25 16:37, Gavin McCullagh wrote:
> I think it's evident that these DNS servers are likely not e.g. BIND but I don't quite understand why we'd say the behavior is "invalid".
>
> The DNS protocol, as I understand it, accepts that zone files may change at any moment and caches will catch up as ttls expire. That the zone file changed between the queries you made would explain your observations, right?
Of course. I think the issue here is that the reproducible switching between existence and non-existence, while there is a also caching, is very unlikely to be the result the zone maintainer had in mind.
It's not "invalid", protocol-wise, but it's probably "wrong" anyway (in the bug sense).
Best,
Peter
More information about the dns-operations
mailing list