BIND 9.11.4 dnstap not capturing updates

greg.rabil at bt.com greg.rabil at bt.com
Thu Aug 2 20:25:03 UTC 2018


Hello BIND users,
I am running BIND 9.11.4 on CentOS 7, built with support for dnstap.  I am testing capturing of all DNS packets, including DNS update packets, but they don't seem to be captured.  Here are my named.conf options:

   dnstap-output   file "/tmp/dnstap.output"   ;
   dnstap {   all  ; };

I use nsupdate to send a DDNS update to my zone, which is added successfully.  However, the dnstap.output does not record the DNS update.  I see only the following three packets captured:

02-Aug-2018 16:24:37.365 AQ ::1:8145 -> ::1:0 UDP 38b test1.dnstaptest.com/IN/SOA
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  18817
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;test1.dnstaptest.com.          IN      SOA

02-Aug-2018 16:24:37.365 AR ::1:8145 <- ::1:0 UDP 104b test1.dnstaptest.com/IN/SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:  18817
;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;test1.dnstaptest.com.          IN      SOA

;; AUTHORITY SECTION:
dnstaptest.com.         0       IN      SOA     centos7-dns-test1. dnsadmin.dnstaptest.com. 6 10800 3600 604800 86400

02-Aug-2018 16:24:37.367 AR ::1:8145 <- ::1:0 UDP 32b dnstaptest.com/IN/SOA
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  22809
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;dnstaptest.com.                        IN      SOA


What is going on here?  Why is the DNS Update packet not captured/logged?

Thanks,
Greg Rabil

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180802/7e53854c/attachment.html>


More information about the bind-users mailing list