disabling lame server logging

Robert Moskowitz rgm at htt-consult.com
Tue Feb 26 14:50:44 UTC 2013


On 02/26/2013 09:37 AM, Phil Mayers wrote:
> On 26/02/13 14:31, Robert Moskowitz wrote:
>>
>> On 02/26/2013 09:25 AM, Robert Moskowitz wrote:
>>>
>>> On 02/26/2013 09:13 AM, Phil Mayers wrote:
>>>> On 26/02/13 13:54, Robert Moskowitz wrote:
>>>>
>>>>> I would be interested in which client is requesting these lookups 
>>>>> that
>>>>> end up going to lame servers.  I am assuming the IP address in the 
>>>>> log
>>>>> is the address of the lame server, not the requesting client.
>>>>
>>>> Look at the query logs?
>>>
>>> I suspect I do not have any query logs.  Where are they, typically.
>>> How are they controled (logging commands)?
>>
>> OK.   I found the 'rndc querylog' command.
>
> Yes. Note that you can enable this by default in the "options" 
> statement. This is all pretty well documented and easy to find in the 
> ARM...

This is traffic I only want occationally!  I am trying to reduce the 
logging size to find new problems.

>
>> Boy is my mailserver hitting me up with repeated queries!  I should
>> probably be running a namecaching server on it to stop this resource 
>> hit?
>
> Shrug. It depends on your config, load and so forth. There's no right 
> answer to that sort of question.
>
> We do run caching resolvers on our MX/outbound relays. You can still 
> forward such to your main resolvers.

I would expect that a namecaching server on the mailserver would reduce 
traffic and resources all the way around.

I don't need my mailserver to constantly be asking my name server about, 
say, zen.spamhaus.org.





More information about the bind-users mailing list