Heho, As a follow up; Out of curiosity, me and my colleagues took a look at our passive dataset counting domains that have various forms of CNAME in NS between Jan 2015 and Dec 2021. Figured it might be interesting for some to take a look at the data; Results below.
Note that over the last months of 2021 the number of affected zones went back down from the high avg/max to a (more) reasonable ~0.1% of all zones; The peaks we saw in the months/years before then were some random domain parking company holding DNS wrong and a very large DNS/Domain company holding DNS very wrong (most likely a misconfiguration including an *. IN CNAME). With best regards, Tobias Number of unique zones per month: Months: 83 avg: 294M At least one NS is a CNAME (Aggregate of the three distinct categories below): Months: 83 avg: 0.7464% min: 0.0302% max: 1.7987% median: 0.7767% At least one NS is a CNAME and zone has more than one NS: Months: 83 avg: 0.0713% min: 0.0165% max: 0.8398% median: 0.0387% All NS are CNAME and zone has more than one NS: Months: 83 avg: 0.6690% min: 0.0123% max: 1.7653% median: 0.3242% Zone has only one NS and it is a CNAME: Months: 83 avg: 0.0061% min: 0.0014% max: 0.0701% median: 0.0046% _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
