BIND 9.11.4 dnstap not capturing updates

greg.rabil at bt.com greg.rabil at bt.com
Thu Aug 2 20:34:24 UTC 2018 

Hello BIND users,
(my apologies if this gets posted twice, I first sent to bind-users at isc.org<mailto:bind-users at isc.org> instead of bind-users at lists.isc.org<mailto:bind-users at lists.isc.org>)

I am running BIND 9.11.4 on CentOS 7, built with support for dnstap.  I am testing capturing of all DNS packets, including DNS update packets, but they don't seem to be captured.  Here are my named.conf options:

   dnstap-output   file "/tmp/dnstap.output"   ;
   dnstap {   all  ; };

I use nsupdate to send a DDNS update to my zone, which is added successfully.  However, the dnstap.output does not record the DNS update.  I see only the following three packets captured:

02-Aug-2018 16:24:37.365 AQ ::1:8145 -> ::1:0 UDP 38b test1.dnstaptest.com/IN/SOA
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  18817
;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;test1.dnstaptest.com.          IN      SOA

02-Aug-2018 16:24:37.365 AR ::1:8145 <- ::1:0 UDP 104b test1.dnstaptest.com/IN/SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:  18817
;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;test1.dnstaptest.com.          IN      SOA

;; AUTHORITY SECTION:
dnstaptest.com.         0       IN      SOA     centos7-dns-test1. dnsadmin.dnstaptest.com. 6 10800 3600 604800 86400

02-Aug-2018 16:24:37.367 AR ::1:8145 <- ::1:0 UDP 32b dnstaptest.com/IN/SOA
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:  22809
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;dnstaptest.com.                        IN      SOA


Why is the DNS Update packet not captured/logged?

Thanks,
Greg Rabil


A. Gregory Rabil | Principal Software Architect| BT Diamond IP |
Tel: +1 (610) 321-9016 | Fax: +1 (610) 321-9004 |
greg.rabil at bt.com<mailto:greg.rabil at bt.com> | http://www.btdiamondip.com
This email contains BT information which may be privileged or confidential. It is meant only for the individual(s) or entity named above. If you are not the intended recipient, note that disclosing, copying, distributing or using this information is prohibited. If you have received this email in error, please let me know immediately on the email above. Thank you. We monitor our email system and may record your emails.
BT Americas Inc. 415 Eagleview Blvd., Suite 112, Exton, PA 19341
BT Americas Inc. is a wholly owned subsidiary of British Telecommunications plc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180802/0705802e/attachment-0001.html>

More information about the bind-users mailing list