Re: bin 9.10 verbose logging
In message <1399664632.4864.59.ca...@ns.five-ten-sg.com>, Carl Byington writes: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Sat, 2014-05-03 at 14:28 -0500, Jeremy C. Reed wrote: > > "We didn't get a OPT record in response to a EDNS query." and also > > says "We need to drop/remove the logging here when we have more > > experience." > > Is there a sample dig query that can reproduce this? I see such a > message in my log files regarding domain of interest to me. > > For the OP's question, presumably something like > > dig dns2.osogrande.com @207.66.8.132 +? Modern versions of DiG turn on EDNS by default. +[no]edns[=version] +[no]dnssec (implies +edns) If there is a OPT record in the response you will see something like this: ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 or ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; NSID: 72 6f 63 6b 2e 64 76 2e 69 73 63 2e 6f 72 67 ("rock.dv.isc.org") ; SIT: 8cd65ccfb9f282d53599db62536d5c39ec27d9c7420ccbbe (good) ; EXPIRE: 2389987 (3 weeks 6 days 15 hours 53 minutes 7 seconds) If you turn on some of the EDNS options (+sit +nsid +expire) in the request. +sit(source identity token) provides 64 additional bits of randomness to make of path spoofing virtually impossible to achieve. It also provides a method for servers to know they are talking to a client that have talked to before so they don't need to rate limit responses (uses a experimental code point). +nsid (name server identifier) +expire how long to go before the zone expires (code point 9 has been assigned for this, 9.10.0 uses a experimental code point and will be changed in 9.10.1 to the assigned code point). Mark > -BEGIN PGP SIGNATURE- > Version: GnuPG v2.0.14 (GNU/Linux) > > iEYEARECAAYFAlNtL94ACgkQL6j7milTFsGZ2wCfccgyulUODofPfOr1vG98U8t+ > ujYAnjdsOnfTFsJVDeHqycRoKLkT5o/G > =8OIw > -END PGP SIGNATURE- > > > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bin 9.10 verbose logging
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 2014-05-03 at 14:28 -0500, Jeremy C. Reed wrote: > "We didn't get a OPT record in response to a EDNS query." and also > says "We need to drop/remove the logging here when we have more > experience." Is there a sample dig query that can reproduce this? I see such a message in my log files regarding domain of interest to me. For the OP's question, presumably something like dig dns2.osogrande.com @207.66.8.132 +? -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAlNtL94ACgkQL6j7milTFsGZ2wCfccgyulUODofPfOr1vG98U8t+ ujYAnjdsOnfTFsJVDeHqycRoKLkT5o/G =8OIw -END PGP SIGNATURE- ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bin 9.10 verbose logging
Noel Butler wrote: > > U, since upgrade 9.9.5 to 9.10 every request to the name server is > spewing copious amounts of debug type data (thankfully I only upgraded > the one server) > > Was debug left on in the final release source code? :) When I was running pre-release versions I hacked out some of the new EDNS logging (see link below) which I thought would be adjusted before release but I think someone forgot :-) An alternative patch would be to reduce the ISC_LOG_NOTICE to ISC_LOG_DEBUG(3). https://github.com/fanf2/bind-9/commit/73a2c0ec42c0915bde0275c81861f57645daf683 Tony. -- f.anthony.n.finchhttp://dotat.at/ Hebrides, Bailey, Fair Isle, South Faeroes: Mainly southerly or southeasterly, becoming cyclonic 4 or 5, occasionally 6 at first. Moderate or rough. Rain or showers. Moderate or good, occasionally poor. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bin 9.10 verbose logging
On Sun, May 04, 2014 at 01:32:18PM +1000, Noel Butler wrote: > On 04/05/2014 05:28, Jeremy C. Reed wrote: > > >It is at the "notice" severity level. The code says: > > > >"We didn't get a OPT record in response to a EDNS query." and > >also says "We need to drop/remove the logging here when we have > >more experience." > > > >Are you getting this debugging for EDNS-related problems for > >"every request"? Maybe need to realize why. > > Yes, at a guess I'd day every single request to the caching > server was logging, daemon log which rarely sees more than > 200k a week, grew to 210mb in 24 hours :) > > >Maybe you can change the setting in > > > >from ISC_LOG_NOTICE to ISC_LOG_DEBUG(10) in your > > ./lib/dns/resolver.c. > > that didnt seem to do anything, I'm going to revert that > server back to 9.9.5 to stop this madness. I'll maybe look > for a logging option to null out, tomorrow. This is what I use for a logging statement: logging { channel "default_log" { file "logs/named.log" versions unlimited size 10485760; severity dynamic; print-time yes; print-severity yes; print-category yes; }; channel "query_log" { file "logs/query.log" versions 5 size 5242880; severity dynamic; print-time yes; }; category "default" { "default_log"; }; category "queries" { "query_log"; }; }; The print-category and print-severity in the default_log file will quickly show you which category + severity is causing the noise. Then, you can define another channel to deal with those as you consider necessary / best. Refer to ARM chapter 6 for details: bind-9.10.0/doc/arm/Bv9ARM.ch06.html#id2574892 -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bin 9.10 verbose logging
On 04/05/2014 05:28, Jeremy C. Reed wrote: It is at the "notice" severity level. The code says: "We didn't get a OPT record in response to a EDNS query." and also says "We need to drop/remove the logging here when we have more experience." Are you getting this debugging for EDNS-related problems for "every request"? Maybe need to realize why. Yes, at a guess I'd day every single request to the caching server was logging, daemon log which rarely sees more than 200k a week, grew to 210mb in 24 hours :) Maybe you can change the setting in from ISC_LOG_NOTICE to ISC_LOG_DEBUG(10) in your ./lib/dns/resolver.c. that didnt seem to do anything, I'm going to revert that server back to 9.9.5 to stop this madness. I'll maybe look for a logging option to null out, tomorrow. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: bin 9.10 verbose logging
On Sat, 3 May 2014, Noel Butler wrote: > U, since upgrade 9.9.5 to 9.10 every request to the name server is > spewing copious amounts of debug type data (thankfully I only upgraded the > one server) > > > > named[23250]: received packet from 207.66.8.132#53 (no opt): ;; > ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20501 ;; flags: qr aa; > QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: > ;dns2.osogrande.com.^I^IIN^I ;; AUTHORITY SECTION: > osogrande.com.^I^I86400^IIN^ISOA^Idns1.osogrande.com. > hostmaster.osogrande.com. 2002041909 14400 7200 604800 600 > > > Was debug left on in the final release source code? :) It is at the "notice" severity level. The code says: "We didn't get a OPT record in response to a EDNS query." and also says "We need to drop/remove the logging here when we have more experience." Are you getting this debugging for EDNS-related problems for "every request"? Maybe need to realize why. Maybe you can change the setting in from ISC_LOG_NOTICE to ISC_LOG_DEBUG(10) in your ./lib/dns/resolver.c. Or override the resolver category default in your named.conf.___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
bin 9.10 verbose logging
Hi, U, since upgrade 9.9.5 to 9.10 every request to the name server is spewing copious amounts of debug type data (thankfully I only upgraded the one server) named[23250]: received packet from 207.66.8.132#53 (no opt): ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20501 ;; flags: qr aa; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;dns2.osogrande.com.^I^IIN^I ;; AUTHORITY SECTION: osogrande.com.^I^I86400^IIN^ISOA^Idns1.osogrande.com. hostmaster.osogrande.com. 2002041909 14400 7200 604800 600 WTF ? Was debug left on in the final release source code? :) ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users