intermittent SERVFAIL for high visible domains such as *.google.com
Tony Finch
dot at dotat.at
Fri Jan 19 14:54:30 UTC 2018
Brian J. Murrell <brian at interlinx.bc.ca> wrote:
>
> Am I interpreting this correctly? If so, why would these queries come
> back with responses with no answers?
Those responses look like referrals from the root servers to the .com
servers; I would expect you to see `named` repeating the queries as it
follows the iterative resolution algorithm.
If it thinks it is talking to Google's nameservers when it gets that
response, then something VERY screwy is happening.
(Another advantage of the 9.11 packet tracing change I mentioned
previously is that it logs the remote IP address of upstream queries and
responses, handy for working out what `named` thinks it is talking to.)
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/ - I xn--zr8h punycode
Trafalgar: Northerly or northeasterly 5 or 6, becoming variable 3 or 4 except
in southwest. Rough or very rough, but slight or moderate in southeast. Fair.
Good.
More information about the bind-users
mailing list