티스토리 뷰

___네임서버

[네임서버] BIND logging | BIND 9.5.x

변군 변군이글루 2013. 6. 24. 22:40

BIND logging

default

The default category defines the logging options for those categories where no specific configuration has been defined.

general

The catch-all. Many things still aren't classified into categories, and they all end up here.

database

Messages relating to the databases used internally by the name server to store zone and cache data.

security

Approval and denial of requests.

config

Configuration file parsing and processing.

resolver

DNS resolution, such as the recursive lookups performed on behalf of clients by a caching name server.

xfer-in

Zone transfers the server is receiving.

xfer-out

Zone transfers the server is sending.

notify

The NOTIFY protocol.

client

Processing of client requests.

unmatched

Messages that named was unable to determine the class of or for which there was no matching view.
A one line summary is also logged to the
client
category.
This category is best sent to a file or stderr, by default it is sent to the
null channel.

network

Network operations.

update

Dynamic updates.

update-security

Approval and denial of update requests.

queries

Specify where queries should be logged to.

At startup, specifying the category queries will also enable query logging unless querylog option has been specified.

The query log entry reports the client's IP address and port number, and the query name, class and type. It also reports whether the Recursion Desired flag was set (+ if set, -if not set), if the query was signed (S),EDNS was in use (E), if DO (DNSSEC Ok) was set (D), or if CD (Checking Disabled) was set (C).

client 127.0.0.1#62536: query: www.example.comIN AAAA +SE

client ::1#62537: query: www.example.netIN AAAA -SE

query-errors

Information about queries that resulted in some failure.

dispatch

Dispatching of incoming packets to the server modules where they are to be processed.

dnssec

DNSSEC and TSIG protocol processing.

lame-servers

Lame servers. These are misconfigurations in remote servers, discovered by BIND 9 when trying to query those servers during resolution.

delegation-only

Delegation only. Logs queries that have been forced to NXDOMAIN as the result of a delegation-only zone or a delegation-only in a hint or stub zone declaration.

edns-disabled

Log queries that have been forced to use plain DNS due to timeouts. This is often due to the remote servers not being RFC 1034 compliant (not always returning FORMERR or similar to EDNS queries and other extensions to the DNS when they are not understood). In other words, this is targeted at servers that fail to respond to DNS queries that they don't understand.

Note: the log message can also be due to packet loss. Before reporting servers for non-RFC 1034 compliance they should be re-tested to determine the nature of the non-compliance. This testing should prevent or reduce the number of false-positive reports.

Note: eventually named will have to stop treating such timeouts as due to RFC 1034 non ompliance and start treating it as plain packet loss. Falsely classifying packet loss as due to RFC 1034 non compliance impacts on DNSSEC validation which requires EDNS for the DNSSEC records to be returned.


http://www.isc.org/software/bind/documentation/arm95

 

 

 

 

댓글
댓글쓰기 폼