logging of desination ip-address ?
d.thomas at its.uq.edu.au
Sun Feb 11 01:56:40 UTC 2007
While bind9 allows fine-grained control of ip-address usage
and so forth, the destination address is not logged.
For example I recently wanted to find out whether
cisco boomerang dns
spurious ./NS (mainly from China)
spurious A.ROOT-SERVERS.NET/A (from China & Japan)
queries were arriving at the resolving or authoritative ip-address
of our name-servers, and I ended up using tcpdump. Luckily there
was at least one well-known source address for each of these types.
I think it could be useful to have a compile-time option enabling
whether query/update logging included destination ip/port.
d.thomas at its.uq.edu.au Danny Thomas,
+61-7-3365-8221 Software Infrastructure,
http://www.its.uq.edu.au ITS, The University of Queensland
More information about the bind-users