After setting serve-expired no, an expired domain still causes 3 seconds of ttl=3 #1912

Open
PikuZheng opened this issue Feb 11, 2025 · 3 comments

@PikuZheng
Contributor

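Problem description
After configuring serve-expired yes, I observed downstream that a large number of domains had ttl=3, so I configured serve-expired no. With that setting I still observe that, after a domain expires, it results in ttl=3 for 3 seconds.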

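Runtime environment

  1. docker

  2. Multiple upstreams

  3. Self-compiled from the latest release

  4. Relevant configuration (be sure to remove personal information)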

bind [::]:53

prefetch-domain yes
dualstack-ip-selection no
serve-expired no
response-mode fastest-response

cache-size 10000

rr-ttl-min 1
rr-ttl-max 3600
rr-ttl-reply-max 3600

Steps to reproduce

  1. Upstream DNS configuration.
    server-tls 1.12.12.12 -host-name dot.pub -group mainland -blacklist-ip

  2. Domain accessed.
    Private domain

Information collected

localhost:~# kdig sponsor.ajay.app @127.0.0.1
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 38887
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 0

;; QUESTION SECTION:
;; sponsor.ajay.app.            IN      A

;; ANSWER SECTION:
sponsor.ajay.app.       6       IN      A       104.21.44.169
sponsor.ajay.app.       6       IN      A       172.67.201.151

;; Received 66 B
;; Time 2025-02-11 18:42:05 CST
;; From 127.0.0.1@53(UDP) in 0.6 ms
localhost:~# kdig sponsor.ajay.app @127.0.0.1
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 49607
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 0

;; QUESTION SECTION:
;; sponsor.ajay.app.            IN      A

;; ANSWER SECTION:
sponsor.ajay.app.       3       IN      A       104.21.44.169
sponsor.ajay.app.       3       IN      A       172.67.201.151

;; Received 66 B
;; Time 2025-02-11 18:42:11 CST
;; From 127.0.0.1@53(UDP) in 0.6 ms
localhost:~# kdig sponsor.ajay.app @127.0.0.1
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 3429
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 0

;; QUESTION SECTION:
;; sponsor.ajay.app.            IN      A

;; ANSWER SECTION:
sponsor.ajay.app.       3       IN      A       104.21.44.169
sponsor.ajay.app.       3       IN      A       172.67.201.151

;; Received 66 B
;; Time 2025-02-11 18:42:12 CST
;; From 127.0.0.1@53(UDP) in 0.6 ms
localhost:~# kdig sponsor.ajay.app @127.0.0.1
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 65380
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 0

;; QUESTION SECTION:
;; sponsor.ajay.app.            IN      A

;; ANSWER SECTION:
sponsor.ajay.app.       89      IN      A       172.67.201.151
sponsor.ajay.app.       89      IN      A       104.21.44.169

;; Received 66 B
;; Time 2025-02-11 18:42:12 CST
;; From 127.0.0.1@53(UDP) in 0.7 ms
localhost:~# kdig sponsor.ajay.app @127.0.0.1
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 51708
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 0

;; QUESTION SECTION:
;; sponsor.ajay.app.            IN      A

;; ANSWER SECTION:
sponsor.ajay.app.       88      IN      A       172.67.201.151
sponsor.ajay.app.       88      IN      A       104.21.44.169

;; Received 66 B
;; Time 2025-02-11 18:42:13 CST
;; From 127.0.0.1@53(UDP) in 0.5 ms
@htfcuddles

There are two cases where ttl=3: 1. an expired domain 2. a domain queried for the first time. Are you sure this is not the second case?

@PikuZheng
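Contributor Author

> There are two cases where ttl=3: 1. an expired domain 2. a domain queried for the first time. Are you sure this is not the second case?

With response-mode fastest-response configured, it should pass the upstream result through completely unchanged.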

@htfcuddles
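
Even with fastest-response, my understanding is that it only returns the first response result quickly; in the background it still selects among multiple IPs in order to return multiple IPs.

If the cache is not hit, one IP address is returned to the client promptly with the TTL set to 3, so that the client queries again and does not have to wait.
In parallel, smartdns waits for the query results of all IP addresses and selects among them. The principles are:
    The first IP in the IP list is the fastest address.
    The other IPs are about as fast as the first IP.
    IPs with poor speed are discarded.
After 3 seconds the client queries again and will obtain all the best IP addresses, but the first IP address is still the fastest, and most software only uses the first IP.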
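
One way to read a capture like the one in this issue, added here as an example and not code from smartdns or from anyone in the thread: parse the kdig output and label each response by whether its implied expiry (query time + TTL) stayed put, which means the same answer is aging, or moved, which means a new answer was produced. The names `parse`, `classify`, `SHORT_TTL` and `SLACK` are hypothetical, and the one-second tolerance is an assumption based on kdig's timestamp resolution.

```python
import re
from datetime import datetime, timezone

# Condensed from the issue's kdig output: first A record + ";; Time" per response.
CAPTURE = """\
sponsor.ajay.app.       6       IN      A       104.21.44.169
;; Time 2025-02-11 18:42:05 CST
sponsor.ajay.app.       3       IN      A       104.21.44.169
;; Time 2025-02-11 18:42:11 CST
sponsor.ajay.app.       3       IN      A       104.21.44.169
;; Time 2025-02-11 18:42:12 CST
sponsor.ajay.app.       89      IN      A       172.67.201.151
;; Time 2025-02-11 18:42:12 CST
sponsor.ajay.app.       88      IN      A       172.67.201.151
;; Time 2025-02-11 18:42:13 CST
"""

RECORD = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+A\s+\S+$")
STAMP = re.compile(r"^;; Time (\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)")
SHORT_TTL = 3   # reply TTL discussed in the thread
SLACK = 1       # assumption: kdig timestamps have one-second resolution


def parse(text):
    """Return [(seconds, ttl)] with one entry per kdig response."""
    samples, ttl = [], None
    for line in text.splitlines():
        if (m := RECORD.match(line)) and ttl is None:
            ttl = int(m.group(2))          # first answer record of a response
        elif (m := STAMP.match(line)) and ttl is not None:
            when = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            samples.append((int(when.replace(tzinfo=timezone.utc).timestamp()), ttl))
            ttl = None                     # only time differences are used
    return samples


def classify(samples):
    """Label each response by how its implied expiry (time + TTL) moves."""
    labels, expiry = [], None
    for when, ttl in samples:
        if expiry is not None and abs(when + ttl - expiry) <= SLACK:
            labels.append("aging")         # same answer counting down
            continue
        expiry = when + ttl                # a new answer was generated
        labels.append("short-ttl" if ttl <= SHORT_TTL else "new")
    return labels


if __name__ == "__main__":
    print(classify(parse(CAPTURE)))
```

On the capture above, the second response is labelled `short-ttl` because the answer first seen with TTL 6 had run out, and the fourth is labelled `new` when the TTL jumps to 89.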
