Bind9 logging options

Tomasz Dereszynski tomaszd at
Tue May 18 09:27:42 UTC 2010

Quoting sthaug at

>> No! Log files are indicating any issue! The only indication I have about the
>> problem, is the lack if queries in the log files. No timeouts, no  
>> failures. I
>> even tried to query a fake domain. The result was a normal record (with A+).
>> I did not find any error!
>> So, how on earth do I log them?
> Use a packet sniffer (e.g. tcpdump, wireshark) on your DNS servers to
> capture the DNS traffic.

if you set it to capture only 53 port and to save files up to  
reasonable size you can leave it running for 24h without a problem -  
wouldnt recommend doing that without specifying port/service.



bEsT rEgArDs            |       "Confidence is what you have before you
tomasz dereszynski      |       understand the problem." -- Woody Allen
Spes confisa Deo        |       "In theory, theory and practice are much
numquam confusa recedit |       the same. In practice they are very
                         |       different." -- Albert Einstein

This message was sent using IMP, the Internet Messaging Program.

More information about the bind-users mailing list