squash 'client query (cache) denied' syslog entries
David Dowdle
ddowdle at leopard.net
Thu Oct 18 18:42:39 UTC 2012
Some of my external facing nameservers are under attack, and the biggiest
fallout, is the machines goign into iowait from logging all the client
query denied syslog messages.
note: yes, recursion is turned off on these machines.
The current logging is a very vanilla
logging {
category default { default_syslog; default_debug; };
category lame-servers { null; };
// below 2 lines are for logging EVERY query. this can fill a
drive
//channel "querylog" { file "/var/log/named/query.log"; print-time
yes; };
//category queries { querylog; };
};
I'd like to keep logging going, for obvious reasns, but need to kill the
'client query (cache) denied' messages
sofar all the google-found 'solutions' are: turn off all logging
Thanks
More information about the bind-users
mailing list