Logging Name Queries and Forwarding
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Wed Jan 22 01:47:21 UTC 2003
> Hello,
>
> I would like our name server, BIND v9.2.2rc1 running on Solaris 8, to
> log all name query requests and forward them to another name server.
> Any help on how to set this up would be appreciated.
>
> I know how to setup a forwarder, however if I understand correctly, a
> name server will only forward queries for zones for which is it not
> authoritative. I would like my name server to forward requests even
> for the zone for which is it authoritative, i.e., any query at all,
> and I would like the bind server to log all requests.
>
> Basically I am retiring a DNS server and want to forward all queries
> to the new DNS server, so that I can catch those users who have not
> updated their DNS server entries to point to the new server and
> continue using the old one. This way their queries still get resolved
> and I find out who they are so I can contact them and ask them to
> change their DNS server entries, thereby causing the least amount of
> disruption.
>
> Thank you!
Setup the new server preserving the serial number sequences
for the zones the old server was master for. Make the old
server a slave of the new server this will allow slaves of
the old server to get up to date copies of the zones. Remove
any NS references to the old server. Turn on query logging.
Once the TTLs expire the only thing going to the old server
should be traffic from hardcoded addresses (resolv.conf /
named.conf / named.boot).
The non-recursive queries will mainly be from slaves that need to
be updated. The recursive queries will be from machines that
need resolv.conf to be updated or need long running programs to be
restarted (e.g. sendmail).
Once you have fixed up all the old slaves you can just make
named a caching server by removing the zone definitions.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list