Timeout and SERVFAIL

Tue May 29 20:53:02 UTC 2018

Hi,

I have a few fedora25 systems with bind-9.11 set up for a few domains.
One system is master with the other two configured as slaves. The
master and one of the slaves are on one network while the other slave
is on a totally different network.

Last week the network with the master and one of the slaves went down
for an extended period. Requests appeared to still be served by the
second slave on the totally different network.

At least for a while. It appeared once the negative cache expired
after 24h, requests to the domain just resulted in SERVFAIL.

@  IN    SOA   ns.example.com. admin.ns.example.com. (
                2018041703      ;serial (yyyymmddxx)
                3h              ;refresh every 3 hr
                1h              ;retry every 1 hr
                7d              ;expire in 7 days
                1d )            ;negative cache minimum ttl 1 day

How can I configure the name servers so failure of one or two doesn't
impact the third?

In the time leading up to the cache expiring, were other requests
being rejected due to the two nameservers for that zone being
unreachable?