squash 'client query (cache) denied' syslog entries

David Dowdle ddowdle at leopard.net
Thu Oct 18 18:42:39 UTC 2012


Some of my external facing nameservers are under attack, and the biggiest 
fallout, is the machines goign into iowait from logging all the client 
query denied syslog messages.

note: yes, recursion is turned off on these machines.

The current logging is a very vanilla

logging {
         category default { default_syslog; default_debug; };
         category lame-servers { null; };
         // below 2 lines are for logging EVERY query. this can fill a 
drive
         //channel "querylog" { file "/var/log/named/query.log"; print-time 
yes; };
         //category queries { querylog; };
};


I'd like to keep logging going, for obvious reasns, but need to kill the 
'client query (cache) denied' messages

sofar all the google-found  'solutions' are: turn off all logging

Thanks





More information about the bind-users mailing list