http://code.google.com/p/namebench/

sudo apt-get install namebench

http://www.codeproject.com/Articles/13986/Test-Your-DNS-Response-Times-with-DNS-Tester

http://mxtoolbox.com/

https://testconnectivity.microsoft.com/

https://forums.extrahop.com/t/tip-of-the-week-dns-servfail-dns-nxdomain-truncated-dns-requests/138

SERVFAIL messages show that the fully qualified domain name (FQDN) that has been looked up does exist, that the root name servers have information on the domain but that the authoritative name servers are not answering queries for this domain.

For NXDOMAIN, you need to track down the registrar with a tool such as 'whois' and find out why the domain is no longer available.

http://serverfault.com/questions/629367/dns-external-lookup-servfail

Name server 'glue' records (child name servers) at the registrar have a long TTL…often 48 hours. Changing IP addresses of these servers takes a long time.

dig +trace

dig +trace follows the whole chain from the beginning…it queries root servers, then .info servers then your name servers. Thus it avoids any caching resolvers, and also avoids propagation issues.