Caching and upper case issue with BIND 9.9.7-P3

cypher Nix ciphernix at
Wed Sep 23 15:18:45 UTC 2015

After upgrading BIND from BIND 9.9.7-P2 to BIND 9.9.7-P3 on about a dozen
authoritative + recursive servers, we noticed a strange caching issue on one of the servers.

The server is authoritative for our main domain (let's assume
There are multiple subdomains under that have been NS delegated to
other servers. Whenever the DNS server would respond to a recursive "A" record query from its
cache, the "Answers" part of the request would always be in upper case - such
More details below
I noted the following behavior using a packet capture

-A client requests for "" "A" record.

-Our server then does a lookup against authoritative server for "A" record "" 

-Our server gets a response from authoritative server:
    ; ANSWER SECTION: 10 IN    A

-Our server responds to the clients request for and stores
the response for 10 seconds (the TTL of the record). At this point the
answer section is still in all lower case - the clients gets the following:
    ; ANSWER SECTION: 10 IN    A

-The next time the client queries for, our server responds
from the cache and changes the case from to EXAMPLE.COM. It
continues to serve EXAMPLE.COM in upper case as part of the answer while the TTL is still valid.

-This behavior was observed for "A" record responses for queries under any
subdomain of  The case was only change to upper case on the
answer section. also appeared under the question, authority, and
additional sections but only in the answer section was the case changed.

We eventually restarted BIND and the issue went
away. After restarting BIND all responses served from cache are now lower case, as expected.

Has anyone seen this behavior before ? Is this a bug ?
This caused issues for certain applications on our network that did string
comparison and expected the answer section to be in lower case.

More information about the bind-users mailing list