Is it Possible to Log nxdomain Responses?
anandb at ripe.net
Thu Nov 18 17:38:18 UTC 2010
On 17/11/2010 15:23, Stephane Bortzmeyer wrote:
> On Wed, Nov 17, 2010 at 07:48:55AM -0600,
> Martin McCormick <martin at dc.cis.okstate.edu> wrote
> a message of 22 lines which said:
>> It would be nice to log each nxdomain for a while so we can verify
>> that the new deligated zone we are about to install fixed the
> May be with dnscap <https://www.dns-oarc.net/tools/dnscap>:
> dnscap -e x -g -w nxdomain-%s-%u.pcap
> This will keep NXDOMAIN responses
I like dnscap. It also has an option to specify a regex to match on the
QNAME, and capture packets for certain domain names / zones. This is a
useful feature to use on servers which host more than one zone.
More information about the bind-users