help: need to know what queries are being requested.

Joe Kattner joe.kattner at adelphia.com
Thu Oct 4 20:22:27 UTC 2001 

Here is a pretty verbose logging section. The named.log will hold the
queries (and everything including the kitchen sink), and grow rapidly, hence
the version/size restrictions. This will provide a lot of detail to help
troubleshooting.

--Joe


logging {
        channel namedlog {
                file "/var/adm/named.log" versions 4 size 5M;
                severity debug;
                print-category yes;
                print-severity yes;
        };
        channel default_syslog {
                syslog daemon;
                severity info;
        };
        category client         { namedlog; };
        category config         { default_syslog; namedlog; };
        category default        { default_syslog; namedlog; };
        category dnssec         { namedlog; };
        category general        { namedlog; };
        category lame-servers   { namedlog; };
        category network        { namedlog; };
        category notify         { namedlog; };
        category queries        { namedlog; };
        category resolver       { namedlog; };
        category security       { namedlog; };
        category update         { namedlog; };
        category xfer-in        { namedlog; };
        category xfer-out       { namedlog; };
};


-----Original Message-----
From: Mark Parker [mailto:mparker at interosa.com]
Sent: Thursday, October 04, 2001 1:34 PM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: help: need to know what queries are being requested.


Hi all,
    I'm running bind 9.1.3 on a sparc 2.8 box. I've got debug turned on (-d
3). I'm seeing lots of this in the named.run file:
Oct 04 11:06:19.455 client 209.119.36.1#53: UDP request
Oct 04 11:06:19.456 client 209.119.36.1#53: request is not signed
Oct 04 11:06:19.456 client 209.119.36.1#53: recursion approved
Oct 04 11:06:19.456 client 209.119.36.1#53: query
Oct 04 11:06:19.457 client 209.119.36.1#53: query approved
Oct 04 11:06:19.457 client 209.119.36.1#53: send
Oct 04 11:06:19.457 client 209.119.36.1#53: sendto
Oct 04 11:06:19.458 client 209.119.36.1#53: senddone
Oct 04 11:06:19.458 client 209.119.36.1#53: next
Oct 04 11:06:19.458 client 209.119.36.1#53: endrequest

As you can see, it doesn't tell me what the queries are actually for.

How can I get bind to do this? Increasing the debug level (to 300 even)
doesn't seem to help. I get more debug output for sure but not the actual
host or ip that the query is about.

Here's the relevant part of my named.conf file:
options {
        directory "/usr/local/named/db/";
        pid-file "/var/run/named.pid";
        allow-transfer {"allow_xfer";};
//      allow-query {"allow_query";};
};

logging { category default {default_syslog; default_debug;}; };

Any help is GREATLY appreciated.

-mark

More information about the bind-users mailing list