> One quick question: does this always happen for freebsd.org? No. Before I found the 'fix/workaround', to test, I put ten or so common domain names in a for loop around dig with those parameters. Then fire up named as above, wait till it finished emitting logs to stdout and run the loop against it. Sometimes all ten would fail, sometimes none, sometimes any random number. Completely non deterministic and random as far as I could tell. None more than another.
> What if you send the same query again? Does that fail again, > does it succeed, or is it case-by-case? Repeated invocations of the loop against the _same_ instance of named would fail identically. There may have been a couple instances where a servfail resolved later. However I cannot confirm that as it was early testing. And I sortof ended testing when I found -4. AFAIK, freebsd.org is up/up and working fine as usual if that's what you really meant :)
