What came first: the CNAME or the A record?

This post explains how a memory optimization change in Cloudflare's 1.1.1.1 DNS resolver accidentally reversed the order of CNAME records in DNS responses, causing widespread resolution failures on January 8, 2026.

• •The code change in fill_cache() switched from prepending CNAMEs to appending them, placing CNAME records after A/AAAA records in responses
• •DNS clients like glibc's getaddrinfo() parse records sequentially and expect CNAME records before address records, so reversed order caused empty results
• •Cisco ethernet switches running DNSC experienced reboot loops when receiving reordered CNAME responses
• •RFC 1034 (1987) ambiguously describes CNAME ordering using non-normative language, predating RFC 2119's MUST/SHOULD keywords by 10 years
• •The incident lasted ~2 hours; revert was completed by 19:55 UTC after the release had reached 90% of servers