Ulrich Drepper wrote:
> eng.waleed wrote:
>> On my DNS server, when I do an nslookup for some site I get this message:
>> ** server can't find XXXX: SERVFAIL
>> but the site is found and resolved on other servers. What do I have to check?
>
> I've had this for quite some time as well. It seems to happen with
> sites which have a lot of information in the DNS record (like many IP
> addresses). Sometimes the same sites work, probably if the record is
> slightly rearranged (reordered IP addresses or so).
>
> It is a problem with bind but I haven't been able to look deeper into it.

Just a thought. This is from reading the DNS standards some
years ago. (It may have changed meanwhile.)
In the case that a reply from a remote server
won't fit in a standard sized UDP reply, the remote server
sends you a "reply truncated" indication and your local server
is supposed to re-request the information using a TCP
connection rather than UDP. Do you have both UDP and TCP
open in the firewall for the appropriate ports? (There is
also the possibility that the remote site doesn't realize
this and has not opened both TCP and UDP.)
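
The truncation check and TCP retry described in the message above, as an added Python example that is not part of the original thread. The function names and the sample reply bytes are constructed for illustration; `probe()` is for a resolver you administer and only touches the network when you call it.

```python
import socket
import struct

TC = 0x0200  # "truncated" bit in the DNS header flags word

def build_query(name, qtype=1, txid=0x1234):
    """Minimal query: RD set, one question, class IN, no EDNS."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    if len(msg) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & TC),
            "rcode": flags & 0x000F, "ancount": ancount}

def needs_tcp_retry(query, udp_reply):
    """True when udp_reply answers query and has the truncated bit set."""
    q, r = parse_header(query), parse_header(udp_reply)
    return r["qr"] and r["id"] == q["id"] and r["tc"]

def frame_for_tcp(msg):
    """Over TCP each DNS message is preceded by a 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg

def probe(server, name, timeout=3.0):
    """Live check: UDP query first, then TCP only if the reply is truncated."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as u:
        u.settimeout(timeout)
        u.sendto(query, (server, 53))
        reply, _ = u.recvfrom(4096)
    if not needs_tcp_retry(query, reply):
        return "udp reply complete, rcode=%d" % parse_header(reply)["rcode"]
    try:
        with socket.create_connection((server, 53), timeout=timeout) as t:
            t.sendall(frame_for_tcp(query))
            f = t.makefile("rb")
            (length,) = struct.unpack("!H", f.read(2))
            return "tcp retry ok, rcode=%d" % parse_header(f.read(length))["rcode"]
    except (OSError, struct.error) as exc:
        return "truncated over UDP and TCP/53 failed: %s" % exc

# Constructed sample: a truncated reply (flags 0x8380 = QR|TC|RD|RA, no answers).
SAMPLE_QUERY = build_query("example.com")
SAMPLE_TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0) + SAMPLE_QUERY[12:]
```

A result of "truncated over UDP and TCP/53 failed" from `probe()` points at the firewall case raised above: UDP port 53 passes but TCP port 53 does not.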