getting answers from DNS queries

Ondřej Surý ondrej at isc.org
Mon Apr 25 15:31:14 UTC 2022 

That’s much better - you should search for dnstap, initial pointer might be:

https://kb.isc.org/docs/aa-01342

Ondrej
--
Ondřej Surý (He/Him)
ondrej at isc.org

My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.

> On 25. 4. 2022, at 17:27, King, Harold Clyde (Hal) <hck at utk.edu> wrote:
> 
> That's fair. I can see queries come into my DNS server, but I can't find answers to thoughts queries. I have an RPZ zone and I get a log file that says PASSTHROUGH or NXDOMAIN. That tells me that the request was served or denied. I want something that will tell me the answer to each query. I have my server set to denied requests for recursion. So I know those will be denied, I want that for every query. I compile each new release and use that for production. Is there something I can set at compile-time? Perhaps I add an option to the logging statement? I kinda lost my google-fu on this one and I really am thankful to y'all for any help that you might have.
> 
> 
> --
> 
> Hal King  - hck at utk.edu
> Systems Administrator
> Office of Information Technology
> Shared Services
> 
> The University of Tennessee
> 103c5 Kingston Pike Building
> 2309 Kingston Pk. Knoxville, TN 37996
> Phone: 974-1599
> <Outlook-chx4xafv.png>
> 
> From: Ondřej Surý
> Sent: Monday, April 25, 2022 10:37 AM
> To: King, Harold Clyde (Hal)
> Cc: bind-users
> Subject: Re: getting answers from DNS queries
> 
> > I asked this last week, but I didn't an answer.
> 
> Probably because I still don’t know what you mean. You need to better
> articulate your problem and your question.
> 
> Ondrej
> --
> Ondřej Surý (He/Him)
> ondrej at isc.org
> 
> My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
> 
> > On 25. 4. 2022, at 16:11, King, Harold Clyde (Hal) via bind-users <bind-users at lists.isc.org> wrote:
> >
> > I asked this last week, but I didn't an answer. Who can I tell if a DNS query is refused or answered? Is it in the log files? Can a compile-time option help me access it? Sorry to repeat but I really need to know this.
> >
> > Thank in advance.
> >
> >
> > --
> >
> > Hal King  - hck at utk.edu
> > Systems Administrator
> > Office of Information Technology
> > Shared Services
> >
> > The University of Tennessee
> > 103c5 Kingston Pike Building
> > 2309 Kingston Pk. Knoxville, TN 37996
> > Phone: 974-1599
> > <Outlook-qu5ye42k.png>
> > --
> > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> >
> > ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> >
> >
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220425/6f52d06a/attachment.sig>

More information about the bind-users mailing list