For reference the "trick" is usually referred to as "0x20 randomization" and as far as I'm aware we've been using it since launch. I suspect the only change was the CAA servfail change. We've seen some other nameservers have a strange interaction between 0x20 and CAA records.
cpu
4
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| PowerDNS: Can't find why CAA servfails | 54 | 11315 | August 20, 2017 | |
| DNS problem: SERVFAIL looking up CAA | 16 | 4368 | May 8, 2021 | |
| CAA servfail with register.com | 29 | 2136 | February 2, 2023 | |
| How to reproduce CAA SERVFAIL? Works for me, doesn't for LE staging or prod | 10 | 2152 | November 1, 2017 | |
| Help diagnosing CAA failures `ns1.cyso.nl` | 14 | 3685 | August 23, 2017 |