named returning bogus results after network outage

[David Sparks]

Hi all,

I run 2 BIND 9.4.1-P1 servers doing 500-100 qps behind a firewall.  The 
queries do not stop when the firewall is rebooted.  After a firewall reboot, 
trying to resolve a query that failed usually results in a servfail.  The only 
way to get this query to resolve is to restart named.  I've waited days to see 
if some cache gets cleared and the queries will resolve as expected but this 
doesn't help.

The settings I've tried playing with are:

	acache-enable yes;
         max-cache-size 256m;
         max-cache-ttl 600;
         max-ncache-ttl 60;

without success.

The problem can be reproduced by setting up a bind server, automating a lot of 
queries at it, unplugging the network cable for a minute, reconnecting the 
cable and retrying the queries that ran while the cable was unplugged.

Much appreciated if anyone can provide any insight.

Thanks!

ds

-- 
Environmental thought: print this email in triplicate!
(ygolohcysp esrever)