New DNS record types are not added very often, and if they are in many cases they're highly specialized and not widely used. But this year two new record types (SVCB=64 and HTTPS=65) were introduced and are now used on devices which are widely deployed. For example, all Apple devices with recent software issue an HTTPS query for every lookup they do. This not only has a noticeable impact on the volume of queries seen by resolvers, but reveals in the long tail there are still authoritative servers that aren't ready to handle new resource record types. This can increase load further than anticipated on DNS servers.
This presentation will dig into data and show the evolution of HTTPS requests since Apple released support and look at how authorities respond to HTTPS requests for millions of names. It will also identify and evaluate problematic responses.
Observations on the impact of new query types (SVCB=64 and HTTPS=65) on resolvers and authorities