I have two stub zones in my DNS database (both AD-Integrated). Let's call them foo.org and bar.org. All DNS servers on my side are Server 2003 R2.
The foo.org zone file contains the following (hostnames changed for security):
foo.org. NS ns1.foo.org.
foo.org. NS ns2.foo.org.
foo.org. NS ns3.foo.org.
foo.org. SOA [2010033275], ns.foo.org, admin.foo.org
ns.foo.org. A 192.168.0.1
ns1.foo.org. A 192.168.1.1
ns2.foo.org. A 192.168.1.2
ns3.foo.org. A 192.168.1.3
The bar.org. zone is as follows:
bar.org. NS ns1.foo.org.
bar.org. NS ns2.foo.org.
bar.org. NS ns3.foo.org.
bar.org. SOA [2010011842], ns.foo.org, admin.foo.org
The main issue we're running into is that requests for A records in the bar.org zone often return SERVFAIL. Looking into it a bit more, I found that a request for "ns1.foo.org. A" returned NXDOMAIN. I believe this is causing the failure to query for lookups in the bar.org zone.
What doesn't make sense to me, is why a request for "ns1.foo.org A" would result in an NXDOMAIN response when I can see that the record exists the in the zone database.
Best Answer
Try to capture network traffic, or look at your firewall logs from the time you performed a lookup. If the query goes to a public root server, the .local tld would probably result in an "NXDOMAIN" result.
Provide logs or screencasts/output of manual lookups (like with nslookup or dig), if you need more help