--- Begin Message ---
Hola,
On Wed, Sep 24, 2025 at 12:29:28PM +0200, Ondřej Surý wrote:
I would argue that you didn’t “fix” it. The people that need to fix it sit at
Microsoft.
A single domain name that requires 100+ outgoing queries is not only broken,
but also nasty to the whole DNS ecosystem. It shoves the complexity and costs
to anyone running a recursive resolver.
After looking for more issues concerning microsoft.com i found tons of
sporadic fails
I like this one the most:
;; ANSWER SECTION:
api-apac.flightproxy.teams.microsoft.com. 75624 IN CNAME
flightproxy-apac-teams.trafficmanager.net.
flightproxy-apac-teams.trafficmanager.net. 20 IN CNAME
ep-jpwe-05-prod-aks.flightproxy.teams.microsoft.com.
ep-jpwe-05-prod-aks.flightproxy.teams.microsoft.com. 3937 IN CNAME
epx.jpwe-05.ic3-calling-enterpriseproxy.japanwest-prod.cosmic.office.net.
epx.jpwe-05.ic3-calling-enterpriseproxy.japanwest-prod.cosmic.office.net. 10 IN
CNAME cosmic-japanwest-ns-233000c96988.trafficmanager.net.
cosmic-japanwest-ns-233000c96988.trafficmanager.net. 10 IN CNAME
epx-enterpriseproxy-1.d03-011.ic3-calling-enterpriseproxy.01-japanwest-prod.cosmic.office.net.
epx-enterpriseproxy-1.d03-011.ic3-calling-enterpriseproxy.01-japanwest-prod.cosmic.office.net.
10 IN A 52.123.170.156
root@svrh1netsup01p:~# grep microsoft named | wc -l
181144
root@svrh1netsup01p:~# grep microsoft named | grep SERVFAIL | wc -l
1414
0.7% SERVFAIL for anything in Microsoft
Guess that would have been fixed if the AD business would be in those domains.
Its
just customer experience being affected ;)
Flo
--
Florian Lohoff [email protected]
Any sufficiently advanced technology is indistinguishable from magic.
signature.asc
Description: PGP signature
--- End Message ---
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
