intermittent SERVFAIL for high visible domains such as *

Tony Finch dot at
Mon Jan 22 12:04:11 UTC 2018

Brian J. Murrell <brian at> wrote:
> that demonstrates how BIND is getting .com referrals from the root
> servers when doing a query for and then doing nothing
> with those referrals before returning a SERVFAIL.

That indicates that it has already marked the servers as lame, so the
packet trace isn't going to tell you what caused the lameness.

The thing to look out for is the minutes before the outage starts - see
what kind of failures you get.

Also, check the logs for EDNS or lame-servers complaints before an outage
starts, which I hope will give you a better idea of how long the problem
is (e.g. start off around the 10 minute mark suggested by the lame-ttl

Good luck :-)

f.anthony.n.finch  <dot at>  -  I xn--zr8h punycode
South Utsire, Northeast Forties: Southerly or southeasterly 5 to 7, increasing
gale 8 at times. Moderate or rough, occasionally very rough in South Utsire.
Occasional rain. Good, occasionally poor.

More information about the bind-users mailing list