[162954] in North American Network Operators' Group
Re: bind verbose logging
daemon@ATHENA.MIT.EDU (shawn wilson)
Thu May 9 23:15:09 2013
In-Reply-To: <518C61D7.3050105@staticsafe.ca>
From: shawn wilson <ag4ve.us@gmail.com>
Date: Thu, 9 May 2013 23:14:38 -0400
To: staticsafe <me@staticsafe.ca>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Thanks, that's what I'm looking for.
Mike, sure I wouldn't mind schema ideas.
On Thu, May 9, 2013 at 10:56 PM, staticsafe <me@staticsafe.ca> wrote:
> On 5/9/2013 22:52, shawn wilson wrote:
>> In this log line, what is -EDC? I've also noticed +, -, -E, and -ED
>> but I have no Idea what they are (called/represent).
>>
>> 08-May-2013 08:04:49.751 client 1.2.3.4#48747 (ns2.example.com):
>> query: ns2.example.com IN AAAA -EDC (1.2.3.4)
>>
>> Also, I'm writing a parser and we're only loging 'queries' but if
>> someone has examples / schemas for the other categories, I'd like to
>> integrate that.
>> http://www.zytrax.com/books/dns/ch7/logging.html
>>
>
> "+EDC on a query indicates that it is:
>
> - Recursive (+) - it has come from a client or a server that is
> forwarding queries to your server
> - The sender is using EDNS0 (using larger UDP packet sizes and
> signalling the size that can be accepted)
> - The sender understands DNSSEC (D) - this is a request to your server
> to include any DNSSEC material associated with answer in the query reply.
> - DNSSEC validation checking is disabled (C) - the sender wants the
> answer anyway, even if the validation checks fail."
>
> Source -
> https://kb.isc.org/article/AA-00434/0/What-do-EDC-and-other-letters-I-see-in-my-query-log-mean.html
>
> Also see https://www.isc.org/software/bind/documentation for further
> documentation.
> --
> staticsafe
> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
> Please don't top post - http://goo.gl/YrmAb
> Don't CC me! I'm subscribed to whatever list I just posted on.
>
