In either case a resolver MAY cache a server failure response. If it does so it MUST NOT cache it for longer than five (5) minutes, and it MUST be cached against the specific query tuple <query name, type, class, server IP address>.
SERVFAILthat's returned immediately "from cache".
--helpand https://gitlab.labs.nic.cz/knot/shotgun/blob/master/README.md It's far from perfect and doesn't explain everything, but it's a start. I'd like to improve the docs and perhaps add some FAQ later.