We plan to use Cloudflare DNS as resolver, but have a question before we implement this.
If I make a request for e.g. learn.microsoft.com (a site globally distributed by Akamai with many globally distributed IP addresses behind it) to both of your DNS servers - can you guarantee that both respond with the same IP address at the same time?
I ask this because we had problems in the past where other DNS providers responded with different IP addresses, which is bad for our firewall and dynamic rules.
Thanks a lot for your help!
A “recursive DNS” / “DNS resolver” will simply ask the authoritative DNS for hints on where to reach the given (sub)domain/hostname.
The “recursive DNS” / “DNS resolver” will typically cache it for a while to avoid (sometimes with full, but sometimes with less respect towards the TTL provided by the authoritative DNS provider).
No “recursive DNS” / “DNS resolver” will ever be able to guarantee you that.
I tried some multi-location DNS checker websites.
Sao Paulo, Brazil responded “126.96.36.199, 2600:1419:4e00:186::3544, 2600:1419:4e00:184::3544” first.
But the second time, it responded “188.8.131.52, 2600:1419:bc00:48e::3544, 2600:1419:bc00:4a8::3544”.
CNAME chain currently travelling this path:
It will be the authoritative DNS provider of akamaiedge.net (and their configuration of the (sub)domain e13636.dscb.akamaiedge.net) that defines which IP addresses are provided.
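The behaviour described in the replies above can be reproduced offline with a toy model. This is an added example, not part of the original thread: the class names, the 20-second TTL and the addresses (from the RFC 5737 documentation range) are constructed, and the authoritative server is assumed to rotate through its pool on every query.

```python
import itertools

POOL = ["192.0.2.10", "192.0.2.20", "192.0.2.30"]  # constructed sample addresses


class Authoritative:
    """CDN-style authoritative server: each query gets the next address in the pool."""

    def __init__(self, pool, ttl):
        self._cycle = itertools.cycle(pool)
        self.ttl = ttl

    def query(self):
        return next(self._cycle), self.ttl


class CachingResolver:
    """Recursive resolver that keeps one cached answer until its TTL expires."""

    def __init__(self, upstream):
        self.upstream = upstream
        self.answer = None
        self.expires = -1

    def resolve(self, now):
        if self.answer is None or now >= self.expires:
            self.answer, ttl = self.upstream.query()
            self.expires = now + ttl
        return self.answer


def simulate(first_query_a, first_query_b, horizon, ttl=20):
    """Return (time, answer_a, answer_b) for every second the two resolvers disagree."""
    auth = Authoritative(POOL, ttl)
    a, b = CachingResolver(auth), CachingResolver(auth)
    mismatches = []
    for now in range(horizon):
        ans_a = a.resolve(now) if now >= first_query_a else None
        ans_b = b.resolve(now) if now >= first_query_b else None
        if ans_a and ans_b and ans_a != ans_b:
            mismatches.append((now, ans_a, ans_b))
    return mismatches


if __name__ == "__main__":
    for row in simulate(first_query_a=0, first_query_b=7, horizon=60):
        print(row)
```

Because each resolver fills its cache from its own upstream query, a firewall rule built from one resolver's answer does not cover the address a client learned from the other, even when both are asked in the same second.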