I have elaborated on this problem previously, but will do so again for
completeness/context:
There can be differences (possibly significant differences) in the
results returned for resolution of the "target" between the ANAME
authoritative server, and the querying resolver.
o E.g. Any sort of "stupid DNS tricks" that return different
values based on either physical topology (anycast instance) or
geo-ip (client-subnet)
o That discrepancy can direct clients to a suboptimal server,
where suboptimal can even be, from a user perspective, badly
broken (e.g. wrong language, illegal content, etc.)
* The interactions on TTLs and the need for repeated lookups can have
adverse impacts on both clients, resolvers, and auth servers
o An auth server might want to use longer TTLs to reduce query
volume, for ANAME values that do not change frequently (A/AAAA
TTL set to same as ANAME TTL)
o The original A/AAAA TTL (for the "target" owner name's A/AAAA
RRDATA) might be short because it changes frequently (e.g. CDNs)
Brian Dickson: