getting answers from DNS queries
Fred Morris
m3047 at m3047.net
Mon Apr 25 16:45:05 UTC 2022
More specificity would help. OTOH you mentioned the word "compile"...
On Mon, 25 Apr 2022, King, Harold Clyde (Hal) via bind-users wrote:
> I asked this last week, but I didn't an answer. Who can I tell if a DNS
> query is refused or answered? Is it in the log files?
Not the latest version of BIND (9.12), but here's what I get in the log:
25-Apr-2022 06:54:33.353 debug 2: fetch completed at resolver.c:4176 for
time.nist.gov/A in 10.000446: timed out/success
[domain:nist.gov,referral:0,restart:1,qrysent:4,timeout:0,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0]
25-Apr-2022 06:56:21.593 debug 2: fetch completed at resolver.c:4176 for
time.nist.gov/A in 10.000430: timed out/success
[domain:nist.gov,referral:0,restart:2,qrysent:10,timeout:0,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0]
Here's the config for that:
// Must start named with -d 2 for this to be activated,
// otherwise it's just silent.
channel queryerrors {
file "bind-query-errors.log" versions 2 size 20m;
severity debug 2;
print-category no;
print-severity yes;
print-time yes;
};
I would expect the information you seek to be available via Dnstap.
--
Fred Morris, internet plumber
More information about the bind-users
mailing list