More specificity would help. OTOH you mentioned the word "compile"...
On Mon, 25 Apr 2022, King, Harold Clyde (Hal) via bind-users wrote:
I asked this last week, but I didn't an answer. Who can I tell if a DNS
query is refused or answered? Is it in the log files?
Not the latest version of BIND (9.12), but here's what I get in the log:
25-Apr-2022 06:54:33.353 debug 2: fetch completed at resolver.c:4176 for
time.nist.gov/A in 10.000446: timed out/success
[domain:nist.gov,referral:0,restart:1,qrysent:4,timeout:0,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0]
25-Apr-2022 06:56:21.593 debug 2: fetch completed at resolver.c:4176 for
time.nist.gov/A in 10.000430: timed out/success
[domain:nist.gov,referral:0,restart:2,qrysent:10,timeout:0,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0]
Here's the config for that:
// Must start named with -d 2 for this to be activated,
// otherwise it's just silent.
channel queryerrors {
file "bind-query-errors.log" versions 2 size 20m;
severity debug 2;
print-category no;
print-severity yes;
print-time yes;
};
I would expect the information you seek to be available via Dnstap.
--
Fred Morris, internet plumber
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
