Aw: No "notify" category debug log entries anymore with Bind 9.11.3

Wed Jan 5 14:08:13 UTC 2022

Please see my comments between the citates.

> Betreff: No "notify" category debug log entries anymore with Bind 9.11.3
>
> On old server with Ubuntu 12 and Bind 9.8.1
> I got the following "notify" category log entries as expected (domain names and IP addresses redacted):
>
> 27-Dec-2021 12:58:51.786 notify: debug 3: zone example.com/IN: sending notify to 1.2.3.4#53
> 27-Dec-2021 12:58:51.816 notify: debug 3: zone example.com/IN: notify response from 1.2.3.4#53: NOERROR

> With new server Ubuntu 18 and Bind 9.11.3
> there are no "notify" category debug log entries anymore. The log does only contain entries of severity "info", e.g.
>
> 29-Dec-2021 12:00:33.475 notify: info: zone example.com/IN: sending notifies (serial 2021021001)

Looks to me like this is the code where the above "notify response..." debug log message I am missing with Bind 9.11.3 is created:

https://github.com/isc-projects/bind9/blob/v9_11_3_patch/lib/dns/zone.c

13862 if (result == ISC_R_SUCCESS)
13863 notify_log(notify->zone, ISC_LOG_DEBUG(3),
13864 "notify response from %s: %.*s",
13865 addrbuf, (int)buf.used, rcode);
13866 else
13867 notify_log(notify->zone, ISC_LOG_DEBUG(2),
13868 "notify to %s failed: %s", addrbuf,
13869 dns_result_totext(result));

So the code seems to be there, with debug level 3 and 2, and either if the notify was success or failed (the second case of failure I expect because of firewall restriction) there should be an according debug log message.

I guess I have a simple logging config error. Any idea why I do not see the notify debug log messages?

Can somebody please try to reproduce with Bind 9.11.3 ?

Why did I see the debug log messages with the same config in Bind 9.8.1 ?

> Log config in /etc/bind/named.conf.options with Bind 9.11.3 is exactly the same as on the old server with Bind 9.8.1:
>
> logging {
>
>     channel transfer_logfile {
>         file "/var/log/named/transfer.log" versions 7 size 10m;
>         severity debug 6;
>         print-time yes;
>         print-category yes;
>         print-severity yes;
>     };
>
>     category notify         { transfer_logfile; };
> };
>
> I tested with "severity debug 16" but that did not help.
> I tested with "severity notice", that lead to the "info" log entries to disappear, so there is just nothing logged anymore for "notify" category, as expected.
>
> I also run "rndc trace" six times, so in named.log was logged "general: info: debug level is now 6" and did a zone reload, but again, no "notify" debug log entries.
>
> I also tested with "severity debug 6" in the default log channel, that lead to debug log entries for categories like "database" etc., so debug log is generally working.
>
> How can I get the log entries "sending notify to ..." and "notify response from ..." back again in the "notify" category log?