[nsd-users] REFUSED vs SERVFAIL

Miek Gieben miek at miek.nl
Mon Jan 20 14:27:16 UTC 2014

[ Quoting <lukas at wunner.de> in "Re: [nsd-users] REFUSED vs SERVFAIL..." ]
> Hi,
> > To me, BIND and Knot's responses seem more logical. They distinguish
> > between the cases where a zone has simply not been configured, versus
> > the case where the zone has gone bad for some reason. With NSD, one
> > can't tell. Is there a reason NSD returns SERVFAIL for unconfigured zones?
> How do resolvers react to SERVFAIL versus REFUSED, is there a
> difference in behaviour? Intuitively I would assume that upon
> SERVFAIL a resolver would retry with another authoritative
> nameserver for the zone in question, with REFUSED I'm not
> so sure, do resolvers give up immediately or retry as well?

I think this difference is mostly important for monitoring tools.

Grtz Miek

More information about the nsd-users mailing list