Log of unresolved DNS queries?
Simon Waters
Simon at wretched.demon.co.uk
Sun Dec 22 22:51:35 UTC 2002
activeco at home.nl wrote:
>
> Does anyone know of a possibility to get a log of unresolved dns
> queries (especially .coms) for any time period, preferably from a
> root server; hourly, daily, doesn't matter?
> Any address, tool, anything which could return asked non-existent
> locations.
Packet tracing like ethereal should easily catch all NXDOMAIN
answers whizzing through an interfaces I would have thought.
Saying what/why do you want to know, might make it easier to
answer.
I don't understand the root server reference, do you mean an
authoritative server?
The root servers would not know about failed ".com" lookup's as
they would refer such a request to the GTLD servers, who would
return NXDOMAIN.
I assume "unresolved" means none existent domains, which DO
resolve, to a negative answer. i.e. an authoritative server says
it doesn't exist.
It is not uncommon to have reverse lookups fail due to erroneous
configurations, BIND 9 lists some of these as lame, which can be
confusing.
More information about the bind-users
mailing list