logging of desination ip-address ?
Danny Thomas
d.thomas at its.uq.edu.au
Sun Feb 11 01:56:40 UTC 2007
While bind9 allows fine-grained control of ip-address usage
listen-on
query-source
transfer-source
and so forth, the destination address is not logged.
For example I recently wanted to find out whether
cisco boomerang dns
spurious ./NS (mainly from China)
spurious A.ROOT-SERVERS.NET/A (from China & Japan)
queries were arriving at the resolving or authoritative ip-address
of our name-servers, and I ended up using tcpdump. Luckily there
was at least one well-known source address for each of these types.
I think it could be useful to have a compile-time option enabling
whether query/update logging included destination ip/port.
Danny
--
d.thomas at its.uq.edu.au Danny Thomas,
+61-7-3365-8221 Software Infrastructure,
http://www.its.uq.edu.au ITS, The University of Queensland
More information about the bind-users
mailing list