Re: bin 9.10 verbose logging

2014-05-09 Thread Mark Andrews

In message <1399664632.4864.59.ca...@ns.five-ten-sg.com>, Carl Byington writes:
> On Sat, 2014-05-03 at 14:28 -0500, Jeremy C. Reed wrote:
> > "We didn't get a OPT record in response to a EDNS query." and also
> > says "We need to drop/remove the logging here when we have more
> > experience."
> 
> Is there a sample dig query that can reproduce this? I see such a
> message in my log files regarding a domain of interest to me.
> 
> For the OP's question, presumably something like
> 
> dig dns2.osogrande.com  @207.66.8.132 +?

Modern versions of DiG turn on EDNS by default.

+[no]edns[=version]
+[no]dnssec (implies +edns)

If there is an OPT record in the response you will see something
like this:

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096

or

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; NSID: 72 6f 63 6b 2e 64 76 2e 69 73 63 2e 6f 72 67 ("rock.dv.isc.org")
; SIT: 8cd65ccfb9f282d53599db62536d5c39ec27d9c7420ccbbe (good)
; EXPIRE: 2389987 (3 weeks 6 days 15 hours 53 minutes 7 seconds)

if you turn on some of the EDNS options (+sit +nsid +expire) in the
request.

+sit    (source identity token) provides 64 additional bits of randomness
        to make off-path spoofing virtually impossible to achieve.  It
        also provides a method for servers to know they are talking to
        a client that they have talked to before so they don't need to
        rate limit responses (uses an experimental code point).
+nsid   (name server identifier)
+expire how long to go before the zone expires (code point 9 has been
        assigned for this, 9.10.0 uses an experimental code point and
        will be changed in 9.10.1 to the assigned code point).

Mark
 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
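
Added example (not part of the thread and not BIND code): a Python sketch that checks a DNS response in wire format for the OPT record whose absence triggers the notice discussed here, and lists any EDNS options it carries. Both messages are constructed; the query ID and name come from the logged packet, the NSID value from the dig output above, and option code 3 for NSID is the RFC 5001 assignment.

```python
import struct

OPT = 41  # RR type of the EDNS OPT pseudo-record (RFC 6891)

def skip_name(msg, off):
    """Return the offset just past the domain name that starts at off."""
    while True:
        n = msg[off]
        if n == 0:                  # root label terminates the name
            return off + 1
        if n & 0xC0 == 0xC0:        # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + n

def edns_info(msg):
    """Return None if the message carries no OPT record, else its EDNS fields."""
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):             # question entries: name, type, class
        off = skip_name(msg, off) + 4
    for _ in range(an + ns + ar):   # walk every resource record
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == OPT:
            # OPT reuses CLASS as the UDP payload size and TTL as
            # extended-rcode / version / flags; RDATA is a list of options.
            opts, p, end = [], off, off + rdlen
            while p + 4 <= end:
                code, olen = struct.unpack_from("!HH", msg, p)
                opts.append((code, msg[p + 4:p + 4 + olen]))
                p += 4 + olen
            return {"udp": rclass, "version": (ttl >> 16) & 0xFF, "options": opts}
        off += rdlen
    return None

def build(additional=b"", arcount=0):
    """Constructed response: flags qr aa, one question, optional additional RRs."""
    header = struct.pack("!6H", 20501, 0x8400, 1, 0, 0, arcount)
    qname = b"\x04dns2\x09osogrande\x03com\x00"
    return header + qname + struct.pack("!HH", 1, 1) + additional

nsid = b"rock.dv.isc.org"
opt_rdata = struct.pack("!HH", 3, len(nsid)) + nsid          # option code 3 = NSID
opt_rr = b"\x00" + struct.pack("!HHIH", OPT, 4096, 0, len(opt_rdata)) + opt_rdata
NO_OPT = build()                # what named logged as "(no opt)"
WITH_OPT = build(opt_rr, 1)     # what an EDNS-aware server would return
```
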


Re: bin 9.10 verbose logging

2014-05-09 Thread Carl Byington
On Sat, 2014-05-03 at 14:28 -0500, Jeremy C. Reed wrote:
> "We didn't get a OPT record in response to a EDNS query." and also
> says "We need to drop/remove the logging here when we have more
> experience."

Is there a sample dig query that can reproduce this? I see such a
message in my log files regarding a domain of interest to me.

For the OP's question, presumably something like

dig dns2.osogrande.com  @207.66.8.132 +?




Re: bin 9.10 verbose logging

2014-05-06 Thread Tony Finch
Noel Butler wrote:
>
> U, since upgrade 9.9.5 to 9.10 every request to the name server is
> spewing copious amounts of debug type data (thankfully I only upgraded
> the one server)
>
> Was debug left on in the final release source code? :)

When I was running pre-release versions I hacked out some of the new EDNS
logging (see link below) which I thought would be adjusted before release
but I think someone forgot :-) An alternative patch would be to reduce the
ISC_LOG_NOTICE to ISC_LOG_DEBUG(3).

https://github.com/fanf2/bind-9/commit/73a2c0ec42c0915bde0275c81861f57645daf683

Tony.
-- 
f.anthony.n.finch http://dotat.at/
Hebrides, Bailey, Fair Isle, South Faeroes: Mainly southerly or southeasterly,
becoming cyclonic 4 or 5, occasionally 6 at first. Moderate or rough. Rain or
showers. Moderate or good, occasionally poor.


Re: bin 9.10 verbose logging

2014-05-04 Thread /dev/rob0
On Sun, May 04, 2014 at 01:32:18PM +1000, Noel Butler wrote:
> On 04/05/2014 05:28, Jeremy C. Reed wrote:
> 
> >It is at the "notice" severity level. The code says:
> >
> >"We didn't get a OPT record in response to a EDNS query." and
> >also says "We need to drop/remove the logging here when we have
> >more experience."
> >
> >Are you getting this debugging for EDNS-related problems for
> >"every request"? Maybe need to realize why.
> 
> Yes, at a guess I'd say every single request to the caching
> server was logging, daemon log which rarely sees more than
> 200k a week, grew to 210mb in 24 hours :)
> 
> >Maybe you can change the setting in
> >
> >from ISC_LOG_NOTICE to ISC_LOG_DEBUG(10) in your
> > ./lib/dns/resolver.c.
> 
> that didn't seem to do anything, I'm going to revert that
> server back to 9.9.5 to stop this madness. I'll maybe look
> for a logging option to null out, tomorrow.

This is what I use for a logging statement:

logging {
    channel "default_log" {
        file "logs/named.log" versions unlimited size 10485760;
        severity dynamic;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    channel "query_log" {
        file "logs/query.log" versions 5 size 5242880;
        severity dynamic;
        print-time yes;
    };
    category "default" {
        "default_log";
    };
    category "queries" {
        "query_log";
    };
};

The print-category and print-severity in the default_log file will 
quickly show you which category + severity is causing the noise. 
Then, you can define another channel to deal with those as you 
consider necessary / best.

Refer to ARM chapter 6 for details:
bind-9.10.0/doc/arm/Bv9ARM.ch06.html#id2574892
-- 
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
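
Added example (not from the thread): with print-category and print-severity enabled as in the logging statement above, a short Python tally shows which category and severity produce the noise and which remote servers trigger the "(no opt)" notice. The sample lines are constructed; the resolver category shown for that notice is an assumption based on the suggestion elsewhere in the thread to override the resolver category.

```python
import re
from collections import Counter

# Line layout written by a file channel with print-time, print-category and
# print-severity set to yes: "<date> <time> <category>: <severity>: <message>"
LINE = re.compile(r"^(\d{2}-\w{3}-\d{4} [\d:.]+) ([\w-]+): ([\w ]+?): (.*)$")
NO_OPT_RE = re.compile(r"received packet from (\S+?)#\d+ \(no opt\)")

def noise_report(lines):
    """Tally (category, severity) pairs and the peers behind '(no opt)' notices."""
    by_source, no_opt_peers = Counter(), Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                    # continuation line of a packet dump
        _ts, category, severity, message = m.groups()
        by_source[(category, severity)] += 1
        peer = NO_OPT_RE.search(message)
        if peer:
            no_opt_peers[peer.group(1)] += 1
    return by_source, no_opt_peers

# Constructed sample log, not taken from a real server.
SAMPLE = """\
09-May-2014 10:15:32.101 resolver: notice: received packet from 207.66.8.132#53 (no opt):
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  20501
09-May-2014 10:15:32.640 resolver: notice: received packet from 207.66.8.132#53 (no opt):
09-May-2014 10:15:33.002 general: info: zone example.test/IN: loaded serial 2014050901
09-May-2014 10:15:34.877 resolver: notice: received packet from 192.0.2.53#53 (no opt):
""".splitlines()

if __name__ == "__main__":
    sources, peers = noise_report(SAMPLE)
    for (category, severity), count in sources.most_common():
        print(f"{count:6d}  {category}: {severity}")
    for peer, count in peers.most_common():
        print(f"{count:6d}  no OPT from {peer}")
```
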


Re: bin 9.10 verbose logging

2014-05-03 Thread Noel Butler

On 04/05/2014 05:28, Jeremy C. Reed wrote:

> It is at the "notice" severity level. The code says:
>
> "We didn't get a OPT record in response to a EDNS query." and also says
> "We need to drop/remove the logging here when we have more
> experience."
>
> Are you getting this debugging for EDNS-related problems for "every
> request"? Maybe need to realize why.

Yes, at a guess I'd say every single request to the caching server was
logging, daemon log which rarely sees more than 200k a week, grew to
210mb in 24 hours :)

> Maybe you can change the setting in
>
> from ISC_LOG_NOTICE to ISC_LOG_DEBUG(10) in your ./lib/dns/resolver.c.

that didn't seem to do anything, I'm going to revert that server back to
9.9.5 to stop this madness. I'll maybe look for a logging option to null
out, tomorrow.






Re: bin 9.10 verbose logging

2014-05-03 Thread Jeremy C. Reed
On Sat, 3 May 2014, Noel Butler wrote:

> U, since upgrade 9.9.5 to 9.10 every request to the name server is
> spewing copious amounts of debug type data (thankfully I only upgraded the
> one server)
> 
>  
> 
>  named[23250]: received packet from 207.66.8.132#53 (no opt): ;;
> ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  20501 ;; flags: qr aa;
> QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION:
> ;dns2.osogrande.com.^I^IIN^I  ;; AUTHORITY SECTION:
> osogrande.com.^I^I86400^IIN^ISOA^Idns1.osogrande.com.
> hostmaster.osogrande.com. 2002041909 14400 7200 604800 600 
>
> 
> Was debug left on in the final release source code? :)

It is at the "notice" severity level.  The code says:

"We didn't get a OPT record in response to a EDNS query." and also says 
"We need to drop/remove the logging here when we have more
experience."

Are you getting this debugging for EDNS-related problems for "every 
request"? Maybe need to realize why.

Maybe you can change the setting in 

from ISC_LOG_NOTICE to ISC_LOG_DEBUG(10) in your ./lib/dns/resolver.c.

Or override the resolver category default in your named.conf.

bin 9.10 verbose logging

2014-05-02 Thread Noel Butler
 

Hi, 

U, since upgrade 9.9.5 to 9.10 every request to the name server is
spewing copious amounts of debug type data (thankfully I only upgraded
the one server) 

 named[23250]: received packet from 207.66.8.132#53 (no opt): ;;
->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20501 ;; flags: qr aa;
QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION:
;dns2.osogrande.com.^I^IIN^I ;; AUTHORITY SECTION:
osogrande.com.^I^I86400^IIN^ISOA^Idns1.osogrande.com.
hostmaster.osogrande.com. 2002041909 14400 7200 604800 600 

WTF ? 

Was debug left on in the final release source code? :) 
