Again: Bind 9 DNSSEC logging
Jim Reid
jim at rfc1035.com
Mon Dec 10 21:31:22 UTC 2001
>>>>> "johann" == johann kraus <johann.kraus at vodafone-telecommerce.de> writes:
johann> is there a program or any other functionality, to check if
johann> dnssec works correctly. I tried to log dnssec with the
johann> logging statement in named.conf. No information is written
johann> in the log file.
Have you created the log file and verified that the name server has
opened it? [Hint: lsof is your friend....] Is the log file accessible
bythe name server and does it have write permission on the file? The
snippet of the logging{} statement you showed looks OK. Is the rest of
it?
Bear in mind that the name server won't generate any DNSSEC logs
unless it's made to do DNSSEC things: like verify SIG records or TSIG
transaction signatures. So unless other name servers/clients are
presenting these to your server...
More information about the bind-users
mailing list