intermittent SERVFAIL for high visible domains such as *

Tony Finch dot at
Mon Jan 22 12:04:11 UTC 2018

Brian J. Murrell <brian at> wrote:
> that demonstrates how BIND is getting .com referrals from the root
> servers when doing a query for and then doing nothing
> with those referrals before returning a SERVFAIL.

That indicates that it has already marked the servers as lame, so the
packet trace isn't going to tell you what caused the lameness.

The thing to look out for is the minutes before the outage starts - see
what kind of failures you get.

Also, check the logs for EDNS or lame-servers complaints before an outage
starts, which I hope will give you a better idea of how long the problem
is (e.g. start off around the 10 minute mark suggested by the lame-ttl

Good luck :-)

