Turn on or enable BIND DNS server logging to see all queries or for troubleshooting problem

Q. How do I turn on DNS server logging so that I can see all the queries on my CentOS 4.0 server?

A. You can use rndc command which controls the operation of a name server. It supersedes the ndc utility that was provided in old BIND releases. If rndc is invoked with no command line options or arguments, it prints a short summary of the supported commands and the available options and their arguments.

rndc communicates with the name server over a TCP connection, sending commands authenticated with digital signatures. In the current versions of rndc and named named the only supported authentication algorithm is HMAC-MD5, which uses a shared secret on each end of the connection. This provides TSIG-style authentication for the command request and the name server\u2019s response. All commands sent over the channel must be signed by a key_id known to the server.

Task: Turn on logging

Type the following command as root to toggle query logging:
# rndc querylog

Task: View bind sever query log

Once this is done, you can view all logged queries usimg /var/log/messages file. To view those queries, type:
# tail -f /var/log/messages

Task: Turn off logging

Type the following command as root to toggle query logging:
# rndc querylog

• Tweet
• 

If you would like to be kept up to date with our posts, you can follow us on Twitter, Facebook, Google+, or even by subscribing to our RSS Feed.