Intermittent NXDOMAIN for a name we are forwarding

Mark Andrews marka at
Mon Feb 22 04:46:10 UTC 2016

In message <2f868c2b-d04b-4caf-abd7-8176352ccfa5 at>, blrmaani wr
> On Friday, February 19, 2016 at 5:09:02 PM UTC-8, blrmaani wrote:
> > We have a DNS setup where we forward a name in one domain to 5 external nam
> eservers. We see NXDOMAIN error intermittently (once in couple of weeks). How
>  do I debug this issue?
> > 
> > I took a cache dump on our DNS and 2 out of 5 nameserver IPs appear in "Una
> ssociated entries" when the problem happens.
> > 
> > Any advice to troubleshoot this issue is greatly appreciated.
> > 
> > Thanks
> > Blr
> the cache dump also has this entry ( is name I am interest
> ed in)
>  10324   \-ANY   ;-$NXDOMAIN
> Which probably means if anyone requests for, they will be
>  handed NXDOMAIN for upto 10324 seconds from now..

> Our current work around is to restart named (which cache) or we could do a 'r
> ndc flush'. 
> Question: Is there a BIND option to say 'Don't cache for 
> NXDOMAIN error code?'

No.  Fix the source of the NXDOMAIN.  Ask all the external nameservers
for " type666" and see what they respond with.  If
it is NXDOMAIN then you have the source(s) if the NXDOMAIN.

	dig @server type666

This is a case of Garbage In (NXDOMAIN) - Garbage Out (NXDOMAIN).
> Alternatively, I can have a local query for this and flush cache if error cod
> e is NXDOMAIN, but is hacky.. I would like a config option
> _______________________________________________
> Please visit to unsubscribe
>  from this list
> bind-users mailing list
> bind-users at
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at

More information about the bind-users mailing list