Hi Peter<br>
<br>
Thanks a lot for your reply. I had enabled query-errors with debug level 2 in my bind
logging, now i am able to log all SERVFAIL related error logs in
query-errors.log. But i am unable to log the NXDOMAIN error logs .<br> Referring to Bind documentation, i enabled delegation-only option(which Logs queries that have returned NXDOMAIN as the result of a
delegation-only zone or a delegation-only statement in a hint or stub
zone declaration) , but
this also not logging the NXDOMAIN errors. Kindly guide me whether any
additional parameters to be enabled in query-errors to log NXDOMAIN
also.<br>
<br>
Regards<br>
<br>
Shiva Raman<br><br><div class="gmail_quote">On Tue, Jan 17, 2012 at 9:11 PM, Peter Andreev <span dir="ltr"><<a href="mailto:andreev.peter@gmail.com" target="_blank">andreev.peter@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br><div class="gmail_quote">2012/1/17 Shiva Raman <span dir="ltr"><<a href="mailto:raman.shivag@gmail.com" target="_blank">raman.shivag@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div>
Hi All <br><br> i am running Bind version 9.8.1 as an Authoritative Name server. From the rndc.stats , i observe that there are some query failures happening<br>in the server. I am trying to get a detailed information of this query failures, but the current logging options is not allowing me to get a detailed<br>
report on the reason of failure. I tried enabling detailed logs, but that is also not providing me which all queries failed with NXDOMAIN , SERVFAIL....etc.<br><br> Please find the ouptut of named.stats and Logging options enabled in named.conf <br>
<br>Output of /chroot/named/conf/named.stats<br>------------------------------<br><br>+++ Statistics Dump +++ (1326803941)<br>++ Incoming Requests ++<br> 75808 QUERY<br>++ Incoming Queries ++<br> 75786 A<br>
22 PTR<br>++ Outgoing Queries ++<br>[View: default]<br> 7374 A<br> 13410 NS<br> 97 PTR<br>[View: _bind]<br>++ Name Server Statistics ++<br> 75808 IPv4 requests received<br>
75781 requests with ADNS(0) received<br> 75019 responses sent<br> 75003 responses with ADNS(0) sent<br> 2848 queries resulted in successful answer<br> 72340 queries resulted in authoritative answer<br>
2239 queries resulted in non authoritative answer<br> 440 queries resulted in SERVFAIL<br> 71731 queries resulted in NXDOMAIN<br> 3466 queries caused recursion<br>
789 duplicate queries received<br>++ Zone Maintenance Statistics ++<br>++ Resolver Statistics ++<br>[Common]<br>[View: default]<br> 20881 IPv4 queries sent<br> 5283 IPv4 responses received<br>
111 NXDOMAIN received<br> 2533 SERVFAIL received<br> 16195 query retries<br> 15598 query timeouts<br> 450 IPv4 NS address fetches<br> 6 IPv4 NS address fetch failed<br>
4226 queries with RTT < 10ms<br> 17 queries with RTT 10-100ms<br> 869 queries with RTT 100-500ms<br> 82 queries with RTT 500-800ms<br> 37 queries with RTT 800-1600ms<br>
52 queries with RTT > 1600ms<br>[View: _bind]<br>++ Cache DB RRsets ++<br>[View: default]<br> 72 A<br> 24 NS<br> 5 CNAME<br> 5 NXDOMAIN<br>
[View: _bind (Cache: _bind)]<br>++ Socket I/O Statistics ++<br> 20886 UDP/IPv4 sockets opened<br> 4 TCP/IPv4 sockets opened<br> 20883 UDP/IPv4 sockets closed<br> 3910 TCP/IPv4 sockets closed<br>
2 UDP/IPv4 socket bind failures<br> 20881 UDP/IPv4 connections established<br> 3911 TCP/IPv4 connections accepted<br>++ Per Zone Query Statistics ++<br>--- Statistics Dump --- (1326803941)<br>
<br><br>Logging options in /etc/named.conf<br>------------------------------------<br><br><br>// Logging options <br>logging { <br> // logging option for named process<br> channel "default_debug" {<br>
file "/logs/named.log" versions 10 size 500m;<br> print-time yes;<br> print-category yes;<br> severity dynamic;<br> };<br><br> channel "queries" { // logging option for queries to named<br>
file "/logs/query.log" versions 20 size 500m;<br> print-time yes;<br> print-category yes;<br> severity dynamic;<br> };<br> <br> category default { "default_debug"; };<br>
category queries { null; }; // comment this line to log queries<br> category queries { "queries"; }; // uncomment this to log queries<br> category config { "default_debug"; };<br>
category security { "default_debug"; };<br>
category network { "default_debug"; };<br> category lame-servers { null; };<br> category general { null; };<br> category edns-disabled { null; }; <br> };<br><br>-----------------------------------------------------------------------------------------------------------------------------------------------------------<br>
<br>Kindly let me know the procedure to follow/options to enabled in logs to get a detailed report of queries <a href="http://w.r.to" target="_blank">w.r.to</a> the following lines. <br><br> 440 queries resulted in SERVFAIL<br>
71731 queries resulted in NXDOMAIN<br> 6 IPv4 NS address fetch failed<br><br>Thanks in advance.<br><br>Regards<br><br>ShivaRaman <br><br><br>
<br></div></div>_______________________________________________<br>
Please visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br></blockquote></div><br>You should add "query-errors" category with severity debug 1 or greater. Refer to BIND's ARM, section 6.2.10.3 for further explanation.<span><font color="#888888"><br clear="all">
<br>-- <br>--<br>AP<br>
</font></span></blockquote></div><br>