Bind 9 query logging

Thu Jan 29 22:01:55 UTC 2009

At Thu, 29 Jan 2009 14:33:31 -0500,
cod3fr3ak <rvc.pobox+unixlists at gmail.com> wrote:

>         channel query_log
>                 {
>                 file "/var/adm/dns-logs/dns_query.log" versions 7 size 2G;
>                 severity debug 3;
>                 print-category yes;
>                 print-severity yes;
>                 print-time yes;
>                 };

> According to the O Reilly book DNS and Bind (4th Edition) and the Bind 9 web
> docs the configuration above should log both the requested query and the
> response. Currently all I get back is the query:

What exactly do you mean by 'BIND 9 web doc', and which specific part
of it are you referring to?  Whatever the docs or books say, the fact
is that BIND9 doesn't log replies.

BTW, next version(s) of BIND9 (at least 9.7, perhaps next minor
versions of current releases) will have the ability to log query
errors, which include logs about responses indicating an error (such
as NXDOMAINs or SERVFAILs).  So, if you're particularly interested in
such unusual responses, you'll probably be happy with that.

We previously discussed in this mailing list whether we want to have
the ability of logging any responses.  Opinions varied: some said that
would be great, others said "don't complicate the implementation any
more, and let packet capture tools do the job".  I see the point of
both sides, and at the moment we're simply keeping the current
behavior (i.e, not logging responses).

---
JINMEI, Tatuya
Internet Systems Consortium, Inc.