Hello,

We have set up BIND with dnstap enabled, and BIND is running on channel 
127.0.0.1. We want to write all DNS queries resolved by any name server to the 
dnstap file. However, it only writes to the dnstap file the queries that are 
resolved by the 127.0.0.1 and localhost name servers. The BIND version is 
9.18.32 and it is running on Ubuntu. Please help us with the setup to run it on 
127.0.0.53, or to log all DNS queries resolved by all name servers to the 
dnstap file.
Thanks.

Current named.conf
//include "/etc/bind/named.conf.options";
//include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

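options {
        // Working directory for named; relative paths resolve against it.
        directory "/var/cache/bind";

        // Earlier dnstap attempts (unix-socket output, identity and version
        // strings) and forwarders, kept commented out for reference.
        //dnstap { all; };
        //dnstap-output unix "/opt/dnstap.sock";
        // dnstap-identity dns-bind;
        // dnstap-version bind;
        //forwarders { 8.8.8.8; 8.8.4.4; };

        // dnstap records only the DNS messages that this named process itself
        // receives or sends; "all" selects every message type, queries and
        // responses. Lookups answered by a different resolver on the host never
        // reach named and therefore cannot appear in the capture.
        // NOTE(review): 127.0.0.53 is normally the systemd-resolved stub
        // listener on Ubuntu, not named -- confirm which resolver the clients
        // and /etc/resolv.conf actually point at.
        dnstap { all;};

        // The capture holds client addresses and every name they looked up, so
        // keep the file readable only by the named user and by the log
        // pipeline. No "size" or "versions" limit is set here, so the file
        // grows until it is rolled by hand (rndc dnstap -roll) or a limit is
        // added to this statement.
        dnstap-output file "/var/cache/bind/bind.dnstap";

        // Validate DNSSEC using the built-in, automatically maintained root
        // trust anchor.
        dnssec-validation auto;
        //auth-nxdomain no;

        dump-file "/var/cache/bind/named_dump.db";
        statistics-file "/var/cache/bind/named.stats";

        // named listens on every IPv4 and IPv6 address of the host, and every
        // allow-query / allow-recursion line below is commented out, so the
        // built-in defaults decide who may query and who may recurse.
        // NOTE(review): if this host is reachable from untrusted networks,
        // state the intended client ACLs explicitly instead of relying on the
        // defaults, so that the server cannot end up as an open resolver.
        listen-on port 53 { 0.0.0.0/0; };
        listen-on-v6 port 53 { any; };
        //allow-query { localhost; 2001:7fd::1::/64; };
        //allow-query { 0.0.0.0/0; ::/0; localhost; };
        //allow-recursion { localnets; };
        //version "DNS";
        //recursion yes;
        //allow-recursion { localhost; 192.0.2.0/24; 2001:db8:1::/64; };

        //allow-transfer {
        //        127.0.0.1;              ::1;
        //};
        // dnssec-enable yes;

        // Rejoined onto one line: the zone name had wrapped onto a line of its
        // own, where it was no longer commented out and would be parsed as a
        // stray statement inside options.
        //disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa";

        //notify yes;
};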

// Per-category logging: every category listed at the bottom of this block is
// routed to a file channel of its own under /var/log/named.
logging {
    // All channels share the same settings: the file is rolled at 5 MB with 3
    // older versions kept, each entry is prefixed with a timestamp, and
    // "severity dynamic" makes the channel follow the server's current debug
    // level instead of a fixed threshold.
    // NOTE(review): /var/log/named must exist and be writable by the user
    // named runs as -- confirm on the target host.
    channel default_file {
        file "/var/log/named/default.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel general_file {
        file "/var/log/named/general.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel database_file {
        file "/var/log/named/database.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    // Receives the "security" category (see the mapping below); a useful
    // source when reviewing rejected requests.
    channel security_file {
        file "/var/log/named/security.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel config_file {
        file "/var/log/named/config.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel resolver_file {
        file "/var/log/named/resolver.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel xfer-in_file {
        file "/var/log/named/xfer-in.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel xfer-out_file {
        file "/var/log/named/xfer-out.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel notify_file {
        file "/var/log/named/notify.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel client_file {
        file "/var/log/named/client.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel unmatched_file {
        file "/var/log/named/unmatched.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    // Receives the "queries" category. Query log entries name the client and
    // what it looked up, so treat this file as sensitive. It is a text log
    // kept separately from the dnstap capture configured in options.
    channel queries_file {
        file "/var/log/named/queries.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel network_file {
        file "/var/log/named/network.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel update_file {
        file "/var/log/named/update.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dispatch_file {
        file "/var/log/named/dispatch.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel dnssec_file {
        file "/var/log/named/dnssec.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };
    channel lame-servers_file {
        file "/var/log/named/lame-servers.log" versions 3 size 5m;
        severity dynamic;
        print-time yes;
    };

    // One-to-one mapping from each category to the channel named after it.
    category default { default_file; };
    category general { general_file; };
    category database { database_file; };
    category security { security_file; };
    category config { config_file; };
    category resolver { resolver_file; };
    category xfer-in { xfer-in_file; };
    category xfer-out { xfer-out_file; };
    category notify { notify_file; };
    category client { client_file; };
    category unmatched { unmatched_file; };
    category queries { queries_file; };
    category network { network_file; };
    category update { update_file; };
    category dispatch { dispatch_file; };
    category dnssec { dnssec_file; };
    category lame-servers { lame-servers_file; };
};

--------------

Meghana
Senior Devops Engineer

From: S L, Meghana
Sent: 07 January 2025 20:00
To: bind-users@lists.isc.org
Subject: Need support setting up bind with dnstap

Hello,

We have setup a bind with dnstap enabled and bind is running on channel 
127.0.0.1. We want to write all DNS queries resolved by any name servers to 
dnstap file. But ,it is writing the query logging to dnstap file which 
resolving only by 127.0.0.1 and localhost name servers. bind version is 9.18.32 
and it is running on ubuntu. Please help us with the setup to run it on 
127.0.0.53 or logging all DNS queries resolving by all name servers on dnstap 
file.
Thanks.

Meghana
Senior Devops Engineer
