It will be important to know which behavior AWS's Route53/DNS servers use ?
Using stock Debian/Stretch BIND9 (1:9.10.3.dfsg.P4-12.3+deb9u4), we see haproxy downing backend servers with "Server<foo> is going DOWN for maintenance (unspecified DNS error)." https://github.com/haproxy/haproxy/search?q=unspecified+dns+error We're expecting/testing to see if bind9's "no-case-compress { any; }" directive addresses this, but many folks do not control their DNS services (and as requisite AWS/Route53 capabilities mature, neither will we). On Tue, Apr 10, 2018 at 3:11 PM, Ben Draut <dra...@gmail.com> wrote: > It's interesting that the default behavior of HAProxy resolvers can > conflict with the default behavior of bind. (If you're unlucky with > whatever bind has cached) > > By default, bind uses case-insensitive compression, which can cause it to > use a different case in the ANSWER than in the QUESTION. (See > 'no-case-compress': https://ftp.isc.org/isc/bind9/cur/9.9/ > doc/arm/Bv9ARM.ch06.html) We were impacted by this recently. > > Also interesting: https://indico.dns-oarc.net/event/20/session/ > 2/contribution/12/material/slides/0.pdf > > > On Mon, Apr 9, 2018 at 2:12 AM, Baptiste <bed...@gmail.com> wrote: > >> So, it seems that responses that does not match the case should be >> dropped: >> https://twitter.com/PowerDNS_Bert/status/983254222694240257 >> >> Baptiste >> > >