DNS resolution failure in high load environment with SERVFAIL and "out of memory/success" in the log

Solution Verified - Updated -

Issue

  • "SERVFAIL" message once domain ttl is expired.
    For example,

    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3504
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.example.com.INA

;; ANSWER SECTION:
www.example.com.3374INCNAMEt.www.example.com.edgesuite.net.
www.example.com.edgesuite.net. 74 INCNAMEa1189.r.akamai.net.
a1189.r.akamai.net. 1    IN  A  115.112.3.13
a1189.r.akamai.net. 1   IN  A  115.112.3.6 <---- TTL is 1s 

;; Query time: 0 msec
;; SERVER: 10.132.60.18#53(10.132.60.18)
;; WHEN: Fri Apr 24 21:15:15 2015
;; MSG SIZE  rcvd: 137


$ date +%T; dig www.example.com
21:15:16

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> www.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44786 <---------- SERVFAIL. 
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.example.com.INA

;; Query time: 0 msec
;; SERVER: 10.132.60.18#53(10.132.60.18)
;; WHEN: Fri Apr 24 21:15:16 2015
;; MSG SIZE  rcvd: 33

Environment

  • Red Hat Enterprise Linux 6
  • bind

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content