diff --git a/changelogs/fragments/3247-retry_servfail-for-dig.yaml b/changelogs/fragments/3247-retry_servfail-for-dig.yaml
new file mode 100644
index 0000000000..1e4a00384f
--- /dev/null
+++ b/changelogs/fragments/3247-retry_servfail-for-dig.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+  - dig lookup plugin - add ``retry_servfail`` option (https://github.com/ansible-collections/community.general/pull/3247).
diff --git a/plugins/lookup/dig.py b/plugins/lookup/dig.py
index f5156b4d1e..19ded61de7 100644
--- a/plugins/lookup/dig.py
+++ b/plugins/lookup/dig.py
@@ -35,6 +35,11 @@ DOCUMENTATION = '''
       flat:
         description: If 0 each record is returned as a dictionary, otherwise a string
         default: 1
+      retry_servfail:
+        description: Retry a nameserver if it returns SERVFAIL.
+        default: false
+        type: bool
+        version_added: 3.6.0
     notes:
       - ALL is not a record per-se, merely the listed fields are available for any record results you retrieve in the form of a dictionary.
       - While the 'dig' lookup plugin supports anything which dnspython supports out of the box, only a subset can be converted into a dictionary.
@@ -73,6 +78,10 @@ EXAMPLES = """
 - ansible.builtin.debug:
     msg: "XMPP service for gmail.com. is available at {{ item.target }} on port {{ item.port }}"
   with_items: "{{ lookup('community.general.dig', '_xmpp-server._tcp.gmail.com./SRV', 'flat=0', wantlist=True) }}"
+
+- name: Retry nameservers that return SERVFAIL
+  ansible.builtin.debug:
+    msg: "{{ lookup('community.general.dig', 'example.org./A', 'retry_servfail=True') }}"
 """
 
 RETURN = """
@@ -300,6 +309,8 @@ class LookupModule(LookupBase):
                         rdclass = dns.rdataclass.from_text(arg)
                     except Exception as e:
                         raise AnsibleError("dns lookup illegal CLASS: %s" % to_native(e))
+                elif opt == 'retry_servfail':
+                    myres.retry_servfail = bool(arg)
 
                 continue