Logging Name Queries and Forwarding

[Mark_Andrews at isc.org]

> Hello,
> 
> I would like our name server, BIND v9.2.2rc1 running on Solaris 8, to
> log all name query requests and forward them to another name server.
> Any help on how to set this up would be appreciated.
> 
> I know how to setup a forwarder, however if I understand correctly, a
> name server will only forward queries for zones for which is it not
> authoritative. I would like my name server to forward requests even
> for the zone for which is it authoritative, i.e., any query at all,
> and I would like the bind server to log all requests.
> 
> Basically I am retiring a DNS server and want to forward all queries
> to the new DNS server, so that I can catch those users who have not
> updated their DNS server entries to point to the new server and
> continue using the old one. This way their queries still get resolved
> and I find out who they are so I can contact them and ask them to
> change their DNS server entries, thereby causing the least amount of
> disruption.
> 
> Thank you!

	Setup the new server preserving the serial number sequences
	for the zones the old server was master for.  Make the old
	server a slave of the new server this will allow slaves of
	the old server to get up to date copies of the zones.  Remove
	any NS references to the old server.  Turn on query logging.
	Once the TTLs expire the only thing going to the old server
	should be traffic from hardcoded addresses (resolv.conf /
	named.conf / named.boot).

	The non-recursive queries will mainly be from slaves that need to
	be updated.  The recursive queries will be from machines that
	need resolv.conf to be updated or need long running programs to be
	restarted (e.g. sendmail).

	Once you have fixed up all the old slaves you can just make
	named a caching server by removing the zone definitions.

	Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org