Windows Server 2008 DNS using root hints returning SERVFAIL

So, since I have no reliable DNS server to forward through (my ISP's is crap,
OpenDNS is untrustworthy) my WS2008 DNS server is operating as a caching
resolver using root hints performing recursive queries.

Some domains are causing problems, for example techdirt.com. The domain has
NS records with a 2-day TTL, but the A-record only has a 15 minute TTL. The
initial lookup works fine, but once the 15 minutes has passed, Windows is
just giving me SERVFAIL. If I wait 2 days (for the whole thing to expire) or
manually purge the techdirt.com entries, name resolution works for a further
15 minutes, then back to SERVFAIL.

As best I can tell, the server isn't even trying to re-resolve the name,
it's just straight up failing. The MaxCacheTTL is set to 2 days per
http://support.microsoft.com/default...b;EN-US;968372, but this
appears to do nothing useful.

This behaviour obviously is not very useful.

I am also seeing this behaviour. Completely useless.

How do you manually purge the entries?

"Dr Pizza" wrote:

> So, since I have no reliable DNS server to forward through (my ISP's is crap,
> OpenDNS is untrustworthy) my WS2008 DNS server is operating as a caching
> resolver using root hints performing recursive queries.
>
> Some domains are causing problems, for example techdirt.com. The domain has
> NS records with a 2-day TTL, but the A-record only has a 15 minute TTL. The
> initial lookup works fine, but once the 15 minutes has passed, Windows is
> just giving me SERVFAIL. If I wait 2 days (for the whole thing to expire) or
> manually purge the techdirt.com entries, name resolution works for a further
> 15 minutes, then back to SERVFAIL.
>
> As best I can tell, the server isn't even trying to re-resolve the name,
> it's just straight up failing. The MaxCacheTTL is set to 2 days per
> http://support.microsoft.com/default...b;EN-US;968372, but this
> appears to do nothing useful.
>
> This behaviour obviously is not very useful.