bind-9.2.0 logging - some minor niggles and bumps

Ted_Rule at flextech.co.uk Ted_Rule at flextech.co.uk
Wed May 22 12:34:29 UTC 2002




Some miscellaneous quirks I've noticed when comparing bind-8.2.x logging with
bind-9.2.0 logging.

The notify processing code fails to log any message indicating a valid notify
message has been received. bin/named/notify.c contains a number of notify_log()
calls for various classes of failure, but no logging of success per se.

This as compared with bind8 which logs both success and failure in the notify
code.

I don't know whether this is by design to reduce logging levels in general, or
merely an oversight; personally I preferred bind8's level of logging in this
regard.

There also seems to be no explicit logging of zone removal. A cursory hunt round
the bind9 source tree suggests that an extra dns_zone_log() call within
lib/dns/zone.c's zone_free() function would fit the bill.

Again, bind8 did log the removal; if you removed a zone from named.conf, and did
"ndc reconfig", a syslog of "zone removed" would result.

Additionally, query denial logs contain too little information to be really
useful without the corresponding querylog log message which occurs just before
it. This requires query logging to be enabled, which I would imagine most people
would prefer not to do - but even then, one has to collate both lines to gather
together any sensible list of denials.

Sample denial message:

May 22 05:56:37 miranda named[607]: security: info: client 195.99.65.220#53: query (cache) denied

As per the querylog info level message, I feel it would be useful to include
name/type/class of the query in the query denial message. It would probably also
be useful to include "transport == UDP/TCP" and "recursive-flag" in both the
querylog and query denial messages. I believe the recursive flag logging in
querylog messages has been mentioned here before.



Ted
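
The two-line collation the message describes, as an added example that is not part of the original post or of BIND. The denial pattern follows the sample line quoted above; the "queries:" line format, the host name and every sample line are assumptions constructed for illustration.

```python
import re

# Constructed sample syslog lines (documentation addresses, made-up host).
# The "queries:" format is an assumption about bind-9.2.x querylog output;
# the "security:" format follows the denial line quoted in the message.
SAMPLE_LOG = """\
May 22 05:56:36 ns1 named[607]: queries: info: client 192.0.2.10#1031: query: www.example.com IN A
May 22 05:56:37 ns1 named[607]: queries: info: client 192.0.2.53#53: query: mail.example.net IN MX
May 22 05:56:37 ns1 named[607]: security: info: client 192.0.2.53#53: query (cache) denied
May 22 05:56:40 ns1 named[607]: security: info: client 198.51.100.7#4242: query (cache) denied
"""

PREFIX = r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ named\[\d+\]: "
QUERY_RE = re.compile(PREFIX + r"queries: info: client (?P<client>\S+?): "
                      r"query: (?P<name>\S+) (?P<cls>\S+) (?P<type>\S+)$")
DENY_RE = re.compile(PREFIX + r"security: info: client (?P<client>\S+?): "
                     r"query \((?P<what>[^)]*)\) denied$")

def collate_denials(lines):
    """Pair each denial with the latest querylog line from the same client."""
    last_query = {}  # "addr#port" -> (name, class, type) of most recent query
    denials = []
    for line in lines:
        line = line.rstrip()
        m = QUERY_RE.match(line)
        if m:
            last_query[m["client"]] = (m["name"], m["cls"], m["type"])
            continue
        m = DENY_RE.match(line)
        if m:
            # pop() so one query line is never reused for a later denial;
            # None marks a denial with no querylog line (query logging off).
            denials.append({"time": m["ts"], "client": m["client"],
                            "scope": m["what"],
                            "query": last_query.pop(m["client"], None)})
    return denials

if __name__ == "__main__":
    for d in collate_denials(SAMPLE_LOG.splitlines()):
        print(d)
```

The second denial comes back with `query` set to `None`, which is the case the message complains about: without the querylog line the denial carries no name, type or class.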










More information about the bind-workers mailing list