logging forwarding reqs

Jonathan Reed jreed777 at gmail.com
Thu Apr 15 18:25:35 UTC 2010


Indeed I have setup querylog, and I have these show in my logs:
Apr 15 14:20:00 TOR-HYPER-01 named[10228]: client 172.18.4.214#47149: query:
google.ca IN A +
Apr 15 14:20:09 TOR-HYPER-01 named[10228]: client 172.18.4.214#51366: query:
yahoo.ca IN A +
Apr 15 14:23:32 TOR-HYPER-01 named[10228]: client 127.0.0.1#48177: query:
google.ca IN A +

But I am still unable to determine if those reqs are asking the forwarders.
The forwarders are all Windows boxes which I dont have rights to access.
Still hoping there is something within bind9 that can say the req went to
fwd'er.

On Thu, Apr 15, 2010 at 12:31 PM, Jonathan Reed <jreed777 at gmail.com> wrote:

> Hey all,
>
> I've setup bind9 to be a forwarder only. However I'm not understanding how
> to confirm requests for queries are being sent through to the forwarded dns
> servers. Even running in debug mode, I can see the req, but I dont see
> anything in the debug msg that says its been forwarded on to any of my
> forwarders.
>
>
> named.conf.options:
>
> options {
>         directory "/var/cache/bind";
>
>   forward only;
>   forwarders {
>           172.20.4.1;
>           172.20.4.3;
>           172.20.4.10;
> };
>   allow-query {
>     127.0.0.1;
>     172.0.0.0/8;
> };
> };
>
> Im run the server in debug and make a request for google.ca from the
> client. But this doesnt tell me that the request was actually sent to my
> forwarding servers. I want to be able to confirn this and know that my
> localhost isnt answering these queries for the client. Perhaps theres a
> logging config that will show me this? Any ideas?
>
> $ sudo named -d9 -g -c /etc/bind/named.conf
> 15-Apr-2010 12:21:32.682 client 172.18.4.214#43801: UDP request
> 15-Apr-2010 12:21:32.682 client 172.18.4.214#43801: using view '_default'
> 15-Apr-2010 12:21:32.682 client 172.18.4.214#43801: request is not signed
> 15-Apr-2010 12:21:32.682 client 172.18.4.214#43801: recursion available
> 15-Apr-2010 12:21:32.682 client 172.18.4.214#43801: query
> 15-Apr-2010 12:21:32.682 client 172.18.4.214#43801: query (cache) '
> google.ca/A/IN' approved
> 15-Apr-2010 12:21:32.682 client 172.18.4.214#43801: replace
> 15-Apr-2010 12:21:32.682 clientmgr @0x7f803f2d0760: createclients
> 15-Apr-2010 12:21:32.682 clientmgr @0x7f803f2d0760: create new
> 15-Apr-2010 12:21:32.683 client @0x7f80412ae2a0: create
> 15-Apr-2010 12:21:32.683 createfetch: google.ca A
> 15-Apr-2010 12:21:32.683 client @0x7f80412ae2a0: udprecv
> 15-Apr-2010 12:21:32.684 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> create
> 15-Apr-2010 12:21:32.684 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> join
> 15-Apr-2010 12:21:32.684 fetch 0x7f803f2c5140 (fctx 0x7f8038643010(
> google.ca/A) <http://google.ca/A%29>): created
> 15-Apr-2010 12:21:32.684 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> start
> 15-Apr-2010 12:21:32.684 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> try
> 15-Apr-2010 12:21:32.684 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> cancelqueries
> 15-Apr-2010 12:21:32.684 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> getaddresses
> 15-Apr-2010 12:21:32.684 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> query
> 15-Apr-2010 12:21:32.684 resquery 0x7f8038649010 (fctx 0x7f8038643010(
> google.ca/A) <http://google.ca/A%29>): send
> 15-Apr-2010 12:21:32.684 resquery 0x7f8038649010 (fctx 0x7f8038643010(
> google.ca/A) <http://google.ca/A%29>): sent
> 15-Apr-2010 12:21:32.684 resquery 0x7f8038649010 (fctx 0x7f8038643010(
> google.ca/A) <http://google.ca/A%29>): udpconnected
> 15-Apr-2010 12:21:32.684 resquery 0x7f8038649010 (fctx 0x7f8038643010(
> google.ca/A) <http://google.ca/A%29>): senddone
> 15-Apr-2010 12:21:32.715 resquery 0x7f8038649010 (fctx 0x7f8038643010(
> google.ca/A) <http://google.ca/A%29>): response
> 15-Apr-2010 12:21:32.715 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> answer_response
> 15-Apr-2010 12:21:32.715 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> cache_message
> 15-Apr-2010 12:21:32.715 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> clone_results
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> cancelquery
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> done
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> stopeverything
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> cancelqueries
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> sendevents
> 15-Apr-2010 12:21:32.716 client 172.18.4.214#43801: send
> 15-Apr-2010 12:21:32.716 client 172.18.4.214#43801: sendto
> 15-Apr-2010 12:21:32.716 client 172.18.4.214#43801: senddone
> 15-Apr-2010 12:21:32.716 client 172.18.4.214#43801: next
> 15-Apr-2010 12:21:32.716 client 172.18.4.214#43801: endrequest
> 15-Apr-2010 12:21:32.716 fetch 0x7f803f2c5140 (fctx 0x7f8038643010(
> google.ca/A) <http://google.ca/A%29>): destroyfetch
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> shutdown
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> doshutdown
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> stopeverything
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> cancelqueries
> 15-Apr-2010 12:21:32.716 fctx 0x7f8038643010(google.ca/A'<http://google.ca/A%27>):
> destroy
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100415/4eb86980/attachment.html>


More information about the bind-users mailing list