Certbot is frequently timing out since a few weeks ago

Thank you for the excellent and thorough debugging. I’m glad you’ve both solved it. Thinking back to what might have changed somewhat recently: In mid-November we changed our EDNS buffer size to 512, triggering TCP fallback for a much larger fraction of our DNS queries. I believe our DNS and our HTTP connections come from the same IP via NAT. It’s possible that the much higher rate of TCP connection creation caused some change in the generated TCP timestamps. Does that match up with approximately when you started seeing the problem, @skyflare?
