Logging question

[Jelte Jansen]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/04/2012 09:45 PM, Spain, Dr. Jeffry A. wrote:
> I was troubleshooting a problem with outbound zone transfers using
> TSIG keys from a bind10-devel-20120119 system to a bind9.9.0rc2
> system. The problem indicated in the bind9.9.0rc2 syslog was:
> 
> 04-Feb-2012 14:53:16.906 zone jaspain.biz/IN (unsigned): refresh:
> failure trying master 2001:4870:20ca:158:14ff:7695:9632:e9ec#53
> (source ::#0): tsig indicates error
> 
> To see what was happening on the bind10 side, I configured logging
> as follows:
> 
>> config show all Logging
> Logging/loggers[0]/name "*"     string Logging/loggers[0]/severity
> "DEBUG" string Logging/loggers[0]/debuglevel   40      integer 
> Logging/loggers[0]/additive     false   boolean (default) 
> Logging/loggers[0]/output_options[0]/destination        "file"
> string Logging/loggers[0]/output_options[0]/output
> "/var/log/bind10.log"   string 
> Logging/loggers[0]/output_options[0]/flush      true    boolean 
> Logging/loggers[0]/output_options[0]/maxsize    1048576 integer 
> Logging/loggers[0]/output_options[0]/maxver     16      integer
> 
> There were no corresponding errors logged to /var/log/bind10.log,
> in fact no messages at all during that time period. Did I
> misconfigure logging or is there a problem with logging TSIG errors
> in the Xfrout module or elsewhere?
> 
> By the way I found a key name mismatch and fixed that, but ended up
> using tcpdump to capture the network traffic between the two
> machines in order to do so.
> 

This configuration snippet looks ok. I've browsed through the xfrout
code, and logging there seems to be seriously lacking atm. Thanks for
the tip, I'll create a ticket to improve this.

Jelte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8vppkACgkQ4nZCKsdOncWzIQCgu4gigP0k98Yn20OPpNMm48zb
/fEAn2WVhQbawyTmjomAKtUpJxB758ZW
=D1mG
-----END PGP SIGNATURE-----