<div dir="ltr">Hi Niall.<div>Yes, we (Three UK) have seen this before, from AWS DNS and Cloudflare. Cloudflare say this is intentional because of the way that their CNAME flattening works.</div><div>I don't think it's a protocol violation, but (if you're an ISP and run large cacheing servers) it can really muck up your cache!</div><div><br></div><div>Another thing to watch out for is TTL=0. If the original authoritative TTL is (say) 60s, but repeated queries show an AA answer with decrementing TTL, we have noticed that this can decrement to 0.</div><div>An AA answer with TTL=0 is legal, but it cannot be cached and it also messed with a piece of equipment that had issues with 0 TTLs (but that's just our problem).</div><div><br></div><div>I hope that helps.</div><div>cheers, Greg</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 7 Jan 2020 at 12:24, Niall O'Reilly <<a href="mailto:niall.oreilly@ucd.ie">niall.oreilly@ucd.ie</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>
<div>
<div style="font-family:sans-serif"><div style="white-space:normal">
<p dir="auto">Hi.</p>
<p dir="auto">I've had my attention drawn to some surprising behaviour by<br>
certain authoritative name servers. I'm not sure how best<br>
to categorize this behaviour, and wonder how some of you<br>
might view it.</p>
<p dir="auto">What's surprising is that an authoritative name server<br>
shows both a decremented TTL value (as if it were answering<br>
from cache) and the AA flag.</p>
<p dir="auto">I'm not sure which of the following labels is the best fit<br>
for this behaviour:</p>
<ul>
<li>normal and expected (but so far outside my experience),</li>
<li>strange but harmless,</li>
<li>downright wrong.</li>
</ul>
<p dir="auto">Thanks in advance to whomever is minded to reply.</p>
<p dir="auto">Thanks especially to Mats Dufberg who, diligently<br>
investigating what I had mistakenly guessed was a problem<br>
in zonemaster, took time to identify, and make me aware of,<br>
what was causing occasional trouble reports.</p>
<p dir="auto">Niall</p>
</div>
</div>
</div>
_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net" target="_blank">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations" rel="noreferrer" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations</a><br>
</blockquote></div>