Good point, I had only used rndc reload to activate the changes to the conf
file. The changes definitely took effect at that point, as I could then see
all the debug messages in the log. But, I tried a stop && start (had to use
/etc/init.d/bind9 because rndc doesn't have a start command for some reason)
and I get the same behavior. Here is a sample output from 1 entire
transaction. This was generated after running "host www.solestruck.comlocalhost"
# grep 127.0.0.1#32999 named.log
28-Nov-2008 11:48:53.063 general: debug 60: socket 0xb7f2f148
127.0.0.1#32999: packet received correctly
28-Nov-2008 11:48:53.063 client: debug 3: client 127.0.0.1#32999: UDP
request
28-Nov-2008 11:48:53.063 client: debug 5: client 127.0.0.1#32999: using view
'_default'
28-Nov-2008 11:48:53.063 security: debug 3: client 127.0.0.1#32999: request
is not signed
28-Nov-2008 11:48:53.063 security: debug 3: client 127.0.0.1#32999:
recursion available
28-Nov-2008 11:48:53.063 client: debug 3: client 127.0.0.1#32999: query
28-Nov-2008 11:48:53.064 queries: info: client 127.0.0.1#32999: query:
www.solestruck.com IN A +
28-Nov-2008 11:48:53.064 client: debug 10: client 127.0.0.1#32999:
ns_client_attach: ref = 1
28-Nov-2008 11:48:53.064 security: debug 3: client 127.0.0.1#32999: query '
www.solestruck.com/A/IN' approved
28-Nov-2008 11:48:53.064 client: debug 3: client 127.0.0.1#32999: send
28-Nov-2008 11:48:53.064 client: debug 3: client 127.0.0.1#32999: sendto
28-Nov-2008 11:48:53.064 client: debug 3: client 127.0.0.1#32999: senddone
28-Nov-2008 11:48:53.064 client: debug 3: client 127.0.0.1#32999: next
28-Nov-2008 11:48:53.064 client: debug 10: client 127.0.0.1#32999:
ns_client_detach: ref = 0
28-Nov-2008 11:48:53.064 client: debug 3: client 127.0.0.1#32999: endrequest
28-Nov-2008 11:48:53.065 general: debug 60: socket 0xb7f2f148
127.0.0.1#32999: packet received correctly
28-Nov-2008 11:48:53.065 client: debug 3: client 127.0.0.1#32999: UDP
request
28-Nov-2008 11:48:53.065 client: debug 5: client 127.0.0.1#32999: using view
'_default'
28-Nov-2008 11:48:53.065 security: debug 3: client 127.0.0.1#32999: request
is not signed
28-Nov-2008 11:48:53.065 security: debug 3: client 127.0.0.1#32999:
recursion available
28-Nov-2008 11:48:53.065 client: debug 3: client 127.0.0.1#32999: query
28-Nov-2008 11:48:53.065 queries: info: client 127.0.0.1#32999: query:
www.solestruck.com IN AAAA +
28-Nov-2008 11:48:53.065 client: debug 10: client 127.0.0.1#32999:
ns_client_attach: ref = 1
28-Nov-2008 11:48:53.065 security: debug 3: client 127.0.0.1#32999: query '
www.solestruck.com/AAAA/IN' approved
28-Nov-2008 11:48:53.065 client: debug 3: client 127.0.0.1#32999: send
28-Nov-2008 11:48:53.065 client: debug 3: client 127.0.0.1#32999: sendto
28-Nov-2008 11:48:53.065 client: debug 3: client 127.0.0.1#32999: senddone
28-Nov-2008 11:48:53.065 client: debug 3: client 127.0.0.1#32999: next
28-Nov-2008 11:48:53.065 client: debug 10: client 127.0.0.1#32999:
ns_client_detach: ref = 0
28-Nov-2008 11:48:53.065 client: debug 3: client 127.0.0.1#32999: endrequest
28-Nov-2008 11:48:53.066 general: debug 60: socket 0xb7f2f148
127.0.0.1#32999: packet received correctly
28-Nov-2008 11:48:53.066 client: debug 3: client 127.0.0.1#32999: UDP
request
28-Nov-2008 11:48:53.066 client: debug 5: client 127.0.0.1#32999: using view
'_default'
28-Nov-2008 11:48:53.066 security: debug 3: client 127.0.0.1#32999: request
is not signed
28-Nov-2008 11:48:53.066 security: debug 3: client 127.0.0.1#32999:
recursion available
28-Nov-2008 11:48:53.066 client: debug 3: client 127.0.0.1#32999: query
28-Nov-2008 11:48:53.066 queries: info: client 127.0.0.1#32999: query:
www.solestruck.com IN MX +
28-Nov-2008 11:48:53.066 client: debug 10: client 127.0.0.1#32999:
ns_client_attach: ref = 1
28-Nov-2008 11:48:53.066 security: debug 3: client 127.0.0.1#32999: query '
www.solestruck.com/MX/IN' approved
28-Nov-2008 11:48:53.066 client: debug 3: client 127.0.0.1#32999: send
28-Nov-2008 11:48:53.066 client: debug 3: client 127.0.0.1#32999: sendto
28-Nov-2008 11:48:53.066 client: debug 3: client 127.0.0.1#32999: senddone
28-Nov-2008 11:48:53.066 client: debug 3: client 127.0.0.1#32999: next
28-Nov-2008 11:48:53.066 client: debug 10: client 127.0.0.1#32999:
ns_client_detach: ref = 0
28-Nov-2008 11:48:53.066 client: debug 3: client 127.0.0.1#32999: endrequest
thanks for the pointer. Any other ideas?
-wes
On Fri, Nov 28, 2008 at 10:31 AM, Ben Croswell <[EMAIL PROTECTED]>wrote:
> If you didn't actually do a stop and start, you may want to do that or an
> rndc query to kickstart the query logs.
>
>
> On Fri, Nov 28, 2008 at 1:08 PM, wes <[EMAIL PROTECTED]> wrote:
>
>> I would like to know if it's possible to log the output of each dns query.
>> I'd like to do this to catch failed queries so I can see what people are
>> looking for, and not finding, and add it for them if it should be there. I
>> recently lost my old dns server so I have to start from scratch.
>>
>> This is my current logging configuration:
>>
>> logging {
>> channel log {
>> file "/var/log/named/named.log"
>> versions 10
>> size 100m;
>> severity debug 9999;
>> print-time yes;
>> print-severity yes;
>> print-category yes;
>> };
>> category default { log; };
>> category queries { log; };
>> };
>>
>> as far as I can tell, this is set up to log everything ever. but, I still
>> don't get the actual query result in the log. Is there a way to do this?
>>
>> If not, that's ok, I'll set up a tcpdump script to do it. but I thought I
>> would make sure there isn't a built-in method in bind first.
>>
>> thanks for any advice.
>>
>> -wes
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
>
>
> --
> -Ben Croswell
>
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
