Logging question
Jelte Jansen
jelte at isc.org
Mon Feb 6 10:08:25 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/04/2012 09:45 PM, Spain, Dr. Jeffry A. wrote:
> I was troubleshooting a problem with outbound zone transfers using
> TSIG keys from a bind10-devel-20120119 system to a bind9.9.0rc2
> system. The problem indicated in the bind9.9.0rc2 syslog was:
>
> 04-Feb-2012 14:53:16.906 zone jaspain.biz/IN (unsigned): refresh:
> failure trying master 2001:4870:20ca:158:14ff:7695:9632:e9ec#53
> (source ::#0): tsig indicates error
>
> To see what was happening on the bind10 side, I configured logging
> as follows:
>
>> config show all Logging
> Logging/loggers[0]/name "*" string Logging/loggers[0]/severity
> "DEBUG" string Logging/loggers[0]/debuglevel 40 integer
> Logging/loggers[0]/additive false boolean (default)
> Logging/loggers[0]/output_options[0]/destination "file"
> string Logging/loggers[0]/output_options[0]/output
> "/var/log/bind10.log" string
> Logging/loggers[0]/output_options[0]/flush true boolean
> Logging/loggers[0]/output_options[0]/maxsize 1048576 integer
> Logging/loggers[0]/output_options[0]/maxver 16 integer
>
> There were no corresponding errors logged to /var/log/bind10.log,
> in fact no messages at all during that time period. Did I
> misconfigure logging or is there a problem with logging TSIG errors
> in the Xfrout module or elsewhere?
>
> By the way I found a key name mismatch and fixed that, but ended up
> using tcpdump to capture the network traffic between the two
> machines in order to do so.
>
This configuration snippet looks ok. I've browsed through the xfrout
code, and logging there seems to be seriously lacking atm. Thanks for
the tip, I'll create a ticket to improve this.
Jelte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk8vppkACgkQ4nZCKsdOncWzIQCgu4gigP0k98Yn20OPpNMm48zb
/fEAn2WVhQbawyTmjomAKtUpJxB758ZW
=D1mG
-----END PGP SIGNATURE-----
More information about the bind10-users
mailing list