intermittent SERVFAIL for high visible domains such as *

Grant Taylor gtaylor at
Tue Jan 23 16:53:38 UTC 2018

On 01/23/2018 05:25 AM, Brian J. Murrell wrote:
> It would be an interesting experiment to isolate the zone that receives 
> DDNS updates for the DHCP clients onto a separate server to see if that 
> makes this problem go away for the main server, but I don't have another 
> machine to run another BIND on…

Could you try disabling DDNS updates for a little while?  Maybe you'll 
get lucky (for a given value of luck) and find that the problem 
continues happening even with DDNS updates disabled.  Thus you will have 
a reasonable idea that the issue is not related to DDNS updates.

> …I don't think it's possible to run two BINDs on the same machine on 
> different ports and have one (on port 53) delegate a zone to another 
> running on some other port.

I'm sure that you could do some networking magic to cause connections to 
$AlternateIP port 53 to be re-routed to $DifferentIP $AlternatePort.

