On 23/01/20 18:56, RW wrote:
I'm curious as to what's actually going on here. If I use
dig ns fluent.ltd.uk @<cache-name>
some caches give the 2 servers supplied by Nominet, others give the 3
servers from dns[1-3].fluent.ltd.uk (an extra round-trip).
If I look on Google's 8.8.8.8 I get a random result with random TTLs.
Perhaps the TTLs can be explained by Google's higher-level caching
not coping with the conflict and leaving the individual servers to
handle it, but their software is still producing two different results.
If I would have to guess, I'd say someone removed dns3.fluent.ltd.uk
from the zone without updating the serial number, so now if you happen
to hit a resolver that never queried that domain you'll get only
dns[1-2] , while the others will keep the cached response until expiration.
--
Best regards,
Riccardo Alfieri
Spamhaus Technology
https://www.spamhaustech.com/
