I am trying to figure out why some domain names are not resolving on my instance of Knot resolver over DoH with some clients. I was able to reproduce this issue with [doh](https://github.com/curl/doh) client built on libcurl. The problem never manifests with kdig (neither with DoH, nor DoT nor Do53).

During this, I noticed something strange. For domain name github.com (which sometimes returns no A record), I always receive an answer with TTL set to 60. It seems like this name does not get cached at all. See the test output below.

Interestingly, if I delete cache files and restart the resolver, the TTL starts decreasing as expected. Is this a sign that something was wrong with the cache before? Or is this some sort of cache optimization for low TTL records?

Here is the test output:

$ for i in `seq 1 5`; do ./doh  github.com https://nscache.mtg.ripe.net/dns-query ; echo "----"; kdig +https +noadflag +nocookie +noall +answer github.com A @nscache.mtg.ripe.net ; echo "===="; sleep 1; done
[github.com]
TTL: 60 seconds
AAAA: 0064:ff9b:0000:0000:0000:0000:8c52:7903
----
github.com.         60 IN A 140.82.121.3
====
[github.com]
TTL: 60 seconds
A: 140.82.121.3
AAAA: 0064:ff9b:0000:0000:0000:0000:8c52:7904
----
github.com.         60 IN A 140.82.121.4
====
[github.com]
TTL: 60 seconds
A: 140.82.121.4
AAAA: 0064:ff9b:0000:0000:0000:0000:8c52:7904
----
github.com.         60 IN A 140.82.121.4
====
[github.com]
TTL: 60 seconds
A: 140.82.121.4
AAAA: 0064:ff9b:0000:0000:0000:0000:8c52:7903
----
github.com.         60 IN A 140.82.121.4
====
[github.com]
TTL: 60 seconds
A: 140.82.121.3
AAAA: 0064:ff9b:0000:0000:0000:0000:8c52:7904
----
github.com.         60 IN A 140.82.121.3
====

--

Best regards,

Ondřej Caletka