I read some bind code mentioned in this trace, I think the reason of SERVFAIL should be like this:
> 14:42:40 ~ $ dig +nocmd +multiline +noall +answer www.21photo.cn > 14:42:42 ~ $ dig +nocmd +multiline +noall +answer a.dns.cn. > a.dns.cn. 4818 IN A 203.119.25.1 > 14:42:56 ~ $ dig +nocmd +multiline +noall +answer ns3.mrdns.net. @203.119.25.1 > 14:43:16 ~ $ dig +nocmd +multiline +noall +answer ns3.mrdns.net. > ns3.mrdns.net. 43200 IN CNAME ns1.1stchina.cn. > ns1.1stchina.cn. 4773 IN A 60.29.231.62 Problem should be here. ns3.mrdns.net CNAMEed to ns1.1stchina.cn, so bind does not think it's a authoritative answer, so bind iterates ns1.1stchina.cn, whose NS record is ns3.mrdns.net. So bind got a loop between ns3.mrdns.net and ns1.1stchina.cn, so is between ns4.mrdns.net and ns2.1stchina.cn. Can I do something to workaround this? Is there any bind option I can use to accept CNAME as authoritive answer (Only for this domain would be best) to break the loop? Thanks again. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
