Logging statements w.r.t. view in Bind 9.16.18

Gaurav Kansal gaurav.kansal at nic.in
Tue Aug 24 14:44:33 UTC 2021

Hi Ged, 

Actually recursion is only enabled for selected set of users , using geo ip feature of bind.
As server is on public IP, i have added PUBLIC view to log the users who are scanning/attempting to connect my server.

I hope i have explained my use case.


----- Original Message -----
From: bind-users at lists.isc.org
To: bind-users at lists.isc.org
Sent: Tuesday, August 24, 2021 5:37:35 PM
Subject: Re: Logging statements w.r.t. view in Bind 9.16.18

Hi there,

On Tue, 24 Aug 2021, Gaurav Kansal wrote:

> I want a clarity whether we can have individual logging statement
> per view basis ? Whatever i found on google, i think we can't.  My
> use case for separate logging statement is as follows -
> In my recursive server, i have 2 views, one for my internal clients
> and one for Internet ; i am running Internet view just for catch
> hold of scanning IPs (type of honeypot).
> Syntax of 2 views are as follows -
> view "INTRANET" {
> match-clients { PRIVATE.SEGMENTS ; };
> recursion yes;
> };
> view "PUBLIC" {
> match-clients { any; };
> allow-query { none; } ;
> recursion no;
> };

You have recursion turned off for PUBLIC.  As I understand it, the
conventional wisdom is not to run recursive and non-recursive services
on the same BIND instance.  Would it make sense then, in your case, to
run two separate instances of BIND?  Separating logs is then trivial.


Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

bind-users mailing list
bind-users at lists.isc.org

More information about the bind-users mailing list