Apparently, some DNS query implementations use an "0x20 bit encoding" to add additional random bits to the query ID for poisoning attack resistance.<p>I've been trying to track down a DNS latency issue in my network and noticed a device doing this and initially thought it was malware, but there is an RFC[0](though expired), and Google announced that they had implemented this for queries from their public DNS servers in 2023[1].<p>0. <a href="https://datatracker.ietf.org/doc/html/draft-vixie-dnsext-dns0x20-00" rel="nofollow">https://datatracker.ietf.org/doc/html/draft-vixie-dnsext-dns...</a><p>1. <a href="https://groups.google.com/g/public-dns-discuss/c/KxIDPOydA5M" rel="nofollow">https://groups.google.com/g/public-dns-discuss/c/KxIDPOydA5M</a>