Logging my own lame delegations
Doug Barton
DougB at DougBarton.net
Sun Feb 10 23:03:37 UTC 2002
For a variety of reasons, I sometimes discover names that have
been delegated to my many name servers which I was not aware of. Most
often this happens because rogue users just put my name servers in their
applications, and most registrars don't check to see if the names are set
up there.
What I'd like to do is somehow log when I get a request for a
domain that I'm not authoritative for. I've done some
reading/investigation on this, and the only solution I've come up with is
to turn on query logging, and unfortunately that's probably not a rational
alternative. The servers I'm most worried about get anywhere from hundreds
to over 1,000 requests per second, and even though disk is cheap, it's not
_that_ cheap. :)
So, is there some magic combination of logs/debug levels/etc. that
will give me just the information I want, or do I have to start hacking
code somewhere? (Be afraid, be very afraid...) Come to think of it, while
I'm most concerned about logging for zones that people expect me to be
authoritative for, it might be nice to also log what people are looking
for when I send NXDOMAIN responses too. Hrrmm...
Doug
--
"We have known freedom's price. We have shown freedom's power.
And in this great conflict, ... we will see freedom's victory."
- George W. Bush, President of the United States
State of the Union, January 28, 2002
Do YOU Yahoo!?
More information about the bind-users
mailing list