DNS 2 SERVFAIL vs 10 NOTZONE
Both DNS 2 (SERVFAIL) and 10 (NOTZONE) belong to the DNS Response Codes (RCODEs) category. 2 indicates that server failure. The name server encountered an internal error while processing the query. Meanwhile, 10 means that name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
Descripción
Server failure. The name server encountered an internal error while processing the query.
Cuándo lo verás
The recursive resolver could not get an authoritative answer — commonly caused by DNSSEC validation failures, unreachable upstream nameservers, or misconfigured zones.
Cómo solucionarlo
Try a different resolver (e.g., 8.8.8.8 or 1.1.1.1) to isolate the issue. If you control the zone, check DNSSEC signatures, SOA serial consistency, and nameserver reachability.
Descripción
Name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
Cuándo lo verás
Your dynamic update tried to modify a record that falls outside the zone specified in the update message (e.g., updating foo.example.org in the example.com zone).
Cómo solucionarlo
Ensure all names in the update are within the target zone. Check for typos in the zone name or the records being updated.
Diferencias clave
DNS 2: Server failure. The name server encountered an internal error while processing the query.
DNS 10: Name not contained in zone. A name used in the Prerequisite or Update section is not within the zone denoted by the Zone section.
You encounter 2 when the recursive resolver could not get an authoritative answer — commonly caused by DNSSEC validation failures, unreachable upstream nameservers, or misconfigured zones.
You encounter 10 when your dynamic update tried to modify a record that falls outside the zone specified in the update message (e.g., updating foo.example.org in the example.com zone).
Cuándo usar cada uno
For 2 (SERVFAIL): Try a different resolver (e.g., 8.8.8.8 or 1.1.1.1) to isolate the issue. If you control the zone, check DNSSEC signatures, SOA serial consistency, and nameserver reachability. For 10 (NOTZONE): Ensure all names in the update are within the target zone. Check for typos in the zone name or the records being updated.