logging of desination ip-address ?

Barry Margolin barmar at alum.mit.edu
Sun Feb 11 22:21:22 UTC 2007

In article <eqltdg$1npq$1 at sf1.isc.org>,
 Danny Thomas <d.thomas at its.uq.edu.au> wrote:

> While bind9 allows fine-grained control of ip-address usage
>   listen-on
>   query-source
>   transfer-source
> and so forth, the destination address is not logged.
> For example I recently wanted to find out whether
>   cisco boomerang dns
>   spurious  ./NS  (mainly from China)
>   spurious A.ROOT-SERVERS.NET/A  (from China & Japan)
> queries were arriving at the resolving or authoritative ip-address
> of our name-servers, and I ended up using tcpdump. Luckily there
> was at least one well-known source address for each of these types.
> I think it could be useful to have a compile-time option enabling
> whether query/update logging included destination ip/port.

Can't you do this with trace logging?

Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list