DNS: RCODE_SERVER_FAILURE

[zichuan9527]

this is my DNS server config(7.197.20.145):
$TTL 1D
@ IN SOA zichuan.com. ccc.zichuan.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum

apple IN NS cc.bpple.zichuan.com.
@ IN NS dns.zichuan.com.
dns IN A 7.197.20.145
cc.bpple IN A 7.197.42.181

this is my server terminal(7.197.42.181):
root@kwephis1135679:/opt/zichuan/dnscat2-master/server# ruby ./dnscat2.rb apple.zichuan.com --security=open
New window created: 0
New window created: crypto-debug
[DEPRECATION] The trollop gem has been renamed to optimist and will no longer be supported. Please switch to optimist as soon as possible.
Welcome to dnscat2! Some documentation may be out of date.

auto_attach => false
history_size (for new windows) => 1000
Security policy changed: Client can decide on security level
New window created: dns1
Starting Dnscat2 DNS server on 0.0.0.0:53
[domains = apple.zichuan.com]...

Assuming you have an authoritative DNS server, you can run
the client anywhere with the following (--secret is optional):

./dnscat --secret=d0252c4d50765f39cf2eb5147af31746 apple.zichuan.com

To talk directly to the server without a domain name, run:

./dnscat --dns server=x.x.x.x,port=53 --secret=d0252c4d50765f39cf2eb5147af31746

Of course, you have to figure out yourself! Clients
will connect directly on UDP port 53.

dnscat2> New window created: 1

this is my client terminal(7.197.41.50):

[root@kwephis1136703 client]# ./dnscat apple.zichuan.com --no-encryption

Creating DNS driver:
domain = apple.zichuan.com
host = 0.0.0.0
port = 53
type = TXT,CNAME,MX
server = 7.197.20.145
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE
[[ ERROR ]] :: DNS: RCODE_SERVER_FAILURE

why it dose not work?

[zichuan9527]

1、7.197.41.50：
16:33:38.541410 IP 7.197.41.50.53588 > 7.197.20.145.domain: 1607+ CNAME? 9b2703680c00000000d4137a0d42062ff826beed4df1304a38fccb595ab1.500e041929bce8ab52daf8de0e88da832896b5ec263543c46807b6fe50b4.c4e2320c6fb0faf2288a7e8b02.apple.zichuan.com. (184)
2、7.197.42.181.53：
16:33:38.539749 IP 7.197.20.145.53263 > 7.197.42.181.53: 65044 CNAME? 9b2703680c00000000d4137a0d42062ff826beed4df1304a38fccb595ab1.500e041929bce8ab52daf8de0e88da832896b5ec263543c46807b6fe50b4.c4e2320c6fb0faf2288a7e8b02.apple.zichuan.com. (184)
3、7.197.42.181.53：
16:33:38.669372 IP 7.197.42.181.53 > 7.197.20.145.53263: 65044 1/0/0 CNAME a23c03680c00000000ad528bb560728c785b62d2190ed2220c12a8853d9b6ad.0f056281585340f398b8adb19a2d896b72297e62aa17d5cf3ee47a859f2e8b7.31eddfd8cf92dd2d02dd.apple.zichuan.com. (364)
4、7.197.41.50：
16:33:48.672796 IP 7.197.20.145.domain > 7.197.41.50.53588: 14203 ServFail 0/0/0 (184)

Returning data from the domain name server to the client reports an error, which is why？

[zichuan9527]

sloved,because of my dns server config ever is this:

dnssec-enable yes;
dnssec-validation yes;

Now my /etc/named.conf is:

dnssec-enable no;
dnssec-validation no;

Success！