Many thanks to my friend & cow-orker Tristan Horn for this idea...in BIND 8 you can define servers as bogus (meaning "don't ever trust these") as follows:
// [fjkl].root-servers.net server 192.5.5.241 { bogus yes; }; server 198.41.0.10 { bogus yes; }; server 193.0.14.129 { bogus yes; }; server 198.32.64.12 { bogus yes; };
i recommend against that.
Note that f.gtld-servers.net was the long-running one giving real problems. [fjk].gtld-servers.net were the ones I saw giving false nxdomains at ~1000 pdt, [jk] were fixed by ~1030 and f was taken down ~1200. Two hours! Sheesh.
indeed.
It appears to be fixed now. f.gtld-servers.net is down, a few others are giving referals to the .com nameservers (still "broken", but doesn't break things the same).
right.
By fixed, I mean you shouldn't see false nxdomains and things should all resolve fine.
f.root-servers.net is FTP'ing its COM zone even as we speak. AXFR to a.root-servers.net is giving wierd results. i'll be fetching the zone manually until we find the smoking gun. -- Paul Vixie <paul@vix.com>