
File dns-bind-logging.txt, 2.8 KB (added by admin, 7 years ago)
BIND LOGGING
------------

By default, logs from named are sent to /var/log/messages via syslog.

Let's make BIND log in a more detailed fashion.

On MASTER (master.grpX):

1. Create the log directory:

        # mkdir /etc/namedb/log
        # chown bind /etc/namedb/log

2. Edit /etc/namedb/named.conf, find the end of the "options" section, and
   create the "logging" section:

options {
    ...
};

// - - - - - - - - - - - - - - - cut below - - - - - - - - - - - - - - -

logging {
        // Channels

        channel transfers {
            file "/etc/namedb/log/transfers" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel notify {
            file "/etc/namedb/log/notify" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel dnssec {
            file "/etc/namedb/log/dnssec" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel query {
            file "/etc/namedb/log/query" versions 5 size 10M;
            print-time yes;
            severity info;
        };
        channel general {
            file "/etc/namedb/log/general" versions 3 size 10M;
            print-time yes;
            severity info;
        };

        // Categories

        category xfer-out { transfers; };
        category xfer-in { transfers; };
        category notify { notify; };

        category lame-servers { general; };
        category config { general; };
        category default { general; };
        category security { general; };
        category dnssec { dnssec; };

        // category queries { query; };

}; // end of logging section

// - - - - - - - - - - - - - - - cut above - - - - - - - - - - - - - - -


Save and exit the file, and TEST that it works:

        # named-checkconf /etc/namedb/named.conf

Note that the "queries" category is commented out. This is on purpose, as this
log file on many servers could become very large quickly.

3. Now reconfig or restart BIND:

        # rndc reconfig

        - Look into /etc/namedb/log/, and see if the files get created.

        If it doesn't work, try:

        - checking permissions for /etc/namedb/log
        - restarting named (/etc/rc.d/named restart)

4. Do a zone transfer of your own domain:

        # dig @master.grpX.ws.nsrc.org AXFR MYTLD
        ...

        - Verify that the transfer shows up in /etc/namedb/log/transfers:

17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended

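The transfers log is worth more than a quick look: once xfer-out is logged, you can check that only your own secondaries are pulling the zone. The script below is an added example, not part of the original exercise, that parses the /etc/namedb/log/transfers line format shown above and lists AXFR/IXFR requests from clients outside the networks you expect. The allowed network list and the third sample log line are constructed assumptions for the demonstration.

```python
import re
from datetime import datetime
from ipaddress import ip_address, ip_network

# Matches the transfers-channel line format shown above ("print-time yes"
# prepends the timestamp). The pattern is not anchored at the end, so the
# trailing "(serial N)" that newer BIND versions append is tolerated.
TRANSFER_RE = re.compile(
    r"^(?P<ts>\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"client (?P<ip>[^#]+)#(?P<port>\d+): "
    r"transfer of '(?P<zone>[^']+)': (?P<type>.+?) (?P<event>started|ended)"
)


def parse_transfer_line(line):
    """Parse one transfers-log line into a dict, or return None if it does not match."""
    m = TRANSFER_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d-%b-%Y %H:%M:%S.%f")
    rec["port"] = int(rec["port"])
    return rec


def unexpected_transfers(lines, allowed_nets):
    """Return the 'started' records whose client address is outside allowed_nets.

    allowed_nets is the list of networks your secondaries live on (an assumed
    value you fill in for your own setup); anything else asking for the zone
    is a reason to review the allow-transfer ACL.
    """
    nets = [ip_network(n) for n in allowed_nets]
    hits = []
    for line in lines:
        rec = parse_transfer_line(line)
        if rec is None or rec["event"] != "started":
            continue
        if not any(ip_address(rec["ip"]) in net for net in nets):
            hits.append(rec)
    return hits


# Constructed sample log: the two lines from the exercise plus one made-up client
# on a documentation-only address (198.51.100.0/24) that is not a known secondary.
SAMPLE_LOG = """\
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended
17-Feb-2011 11:20:02.004 client 198.51.100.7#40211: transfer of 'MYTLD/IN': AXFR started
"""

if __name__ == "__main__":
    for rec in unexpected_transfers(SAMPLE_LOG.splitlines(), ["127.0.0.0/8"]):
        print(f"{rec['ts']} {rec['ip']} requested {rec['type']} of {rec['zone']}")
```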
5. Update the serial number on your master zone file:

        # vi /etc/namedb/master/MYTLD

        Increment Serial by 1, then save the zone file.

        # rndc reload MYTLD

        In the notify log file there should be a line that looks something
        like this:

        # cat /etc/namedb/log/notify

22-Feb-2012 23:43:48.647 zone MYTLD/IN: sending notifies (serial 2012022306)