Thanks Joe and thanks everyone else for the on and off-list replies. Quite insightful.
I think we've reached the consensus that the problem is the ignoring of TTLs as opposed to misbehaving/stale authoritative servers. So for now I shall wait. To give an idea of the scale of the problem right now, I'm getting thousands of requests per minute to a new IP vs. about two requests per minute on the equivalent old IP, with over 60% of the latter being Baidu, but also a bit of Googlebot and other random bot and non-bot UAs. Perhaps next week I'll unbind some old IPs for a few minutes to see what happens. -----Original Message----- From: "Joe Abley" <jab...@hopcount.ca> Sent: Wednesday, January 16, 2013 8:57pm To: "Erik Levinson" <erik.levin...@uberflip.com> Cc: "Christopher Morrow" <morrowc.li...@gmail.com>, nanog@nanog.org Subject: Re: Intermittent incorrect DNS resolution? On 2013-01-16, at 14:33, Erik Levinson <erik.levin...@uberflip.com> wrote: > True...I did try 4.2.2.2 / 8.8.8.8 and some local ones here. All looked fine. I sent queries from 270+ different locations for the domains you mentioned off-list and I didn't see any inconsistencies. The persistent host-caching/browser-caching theories seem like your best bet (or my 270+ locations weren't sufficiently diverse to catch a stale zone being served by an anycast authority server). Joe
