Log of unresolved DNS queries?
activeco at home.nl
activeco at home.nl
Sun Dec 22 23:49:24 UTC 2002
On 22 Dec 2002 23:21:04 -0000, Simon Waters
<Simon at wretched.demon.co.uk> wrote:
>
>activeco at home.nl wrote:
>>
>> Does anyone know of a possibility to get a log of unresolved dns
>> queries (especially .coms) for any time period, preferably from a
>> root server; hourly, daily, doesn't matter?
>> Any address, tool, anything which could return asked non-existent
>> locations.
>
>Packet tracing like ethereal should easily catch all NXDOMAIN
>answers whizzing through an interfaces I would have thought.
>
Thanks Simon.
Could you provide more info, please?
>I don't understand the root server reference, do you mean an
>authoritative server?
>
>The root servers would not know about failed ".com" lookup's as
>they would refer such a request to the GTLD servers, who would
>return NXDOMAIN.
>
Well, I am the absolute amateur in this, so the most of the
terminology I am not familiar with.
I met with the "topic" today, did some research and tought that
all the DNS requests go hierarchicaly towards highest root
servers for resolving.
So I guessed all non-existing domain name's requests must end there.
Please excuse my greeness. :-)
>I assume "unresolved" means none existent domains, which DO
>resolve, to a negative answer. i.e. an authoritative server says
>it doesn't exist.
>
Right.
>It is not uncommon to have reverse lookups fail due to erroneous
>configurations, BIND 9 lists some of these as lame, which can be
>confusing.
>
>
More information about the bind-users
mailing list