Log replies

Igor Sverkos igor.sverkos at gmail.com
Tue Aug 15 15:23:18 UTC 2023


Hi,

I am in an Active Directory environment.

Clients and servers are configured to use the Windows DNS servers
provided by the domain controllers.

Unbound is used to provide DNS service for example.org.

To access example.org, conditional forwarders are configured in
Windows DNS for example.org which are pointing to the Unbound server.

In general, this is working fine.

However, from time to time, some clients and servers are reporting DNS
problems. I.e. foo.example.org is suddenly not resolving for them. I
often cannot reproduce the problem. I.e. it works on my system (of
course, you often don't know which Windows DNS they contacted in that
moment). When checking the unbound instance directly using
dig/nslookup, everything works. Sometimes I am able to find one
Windows DNS server which is really replying NXDOMAIN. But when I then
try to look into it, the problem is already gone.

I am now trying to understand if this is a Windows DNS problem, a
network issue or an Unbound issue.

I configured logging:

server:
        logfile: /var/log/unbound.log
        log-queries: yes
        log-replies: yes
        log-tag-queryreply: yes
        log-servfail: yes

I expect to see the Windows servers talking to this instance (TTL for
example.org is set to 300). If I'll see the servers talking to
Unbound, I should know that the network and Unbound are working.

My problem is that I am only seeing

  [1692112156] unbound[78732:0] query: 10.72.2.4 foo.example.org. A IN
  [1692112156] unbound[78732:0] reply: 10.72.2.4 foo.example.org. A IN NOERROR 0.000000 1 59

in logs. I would like to see the actual reply, i.e. the IP returned.
Is that possible?

Of course, I am open to any other suggestion to check, too.

Thanks!


-- 
Regards,
Igor
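One way to get the "which Windows DNS servers are talking to Unbound, and with what result" view from the log lines shown above, as an added example that is not part of the original post: a small parser for the log-replies lines that counts replies per client address and pulls out every non-NOERROR answer. It assumes the reply line layout client, qname, qtype, qclass, rcode, response time, from-cache flag (1/0) and reply size, and the sample lines and the 10.72.2.x addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample in the format written by log-queries/log-replies with
# log-tag-queryreply; the client addresses and names are made up.
SAMPLE_LOG = """\
[1692112156] unbound[78732:0] query: 10.72.2.4 foo.example.org. A IN
[1692112156] unbound[78732:0] reply: 10.72.2.4 foo.example.org. A IN NOERROR 0.000000 1 59
[1692112160] unbound[78732:0] query: 10.72.2.5 foo.example.org. A IN
[1692112160] unbound[78732:0] reply: 10.72.2.5 foo.example.org. A IN NXDOMAIN 0.012345 0 104
[1692112161] unbound[78732:0] query: 10.72.2.5 bar.example.org. AAAA IN
[1692112161] unbound[78732:0] reply: 10.72.2.5 bar.example.org. AAAA IN SERVFAIL 0.000000 0 43
"""

# Assumed field order of a reply line: client, qname, qtype, qclass, rcode,
# response time in seconds, from-cache flag (1 = answered from cache), size.
REPLY_RE = re.compile(
    r"^\[(?P<ts>\d+)\] unbound\[\d+:\d+\] reply: (?P<client>\S+) (?P<qname>\S+) "
    r"(?P<qtype>\S+) (?P<qclass>\S+) (?P<rcode>\S+) (?P<secs>[\d.]+) "
    r"(?P<cached>[01]) (?P<size>\d+)$"
)


def parse_replies(text):
    """Return one dict per reply line; query lines and noise are skipped."""
    replies = []
    for line in text.splitlines():
        m = REPLY_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        d["ts"] = int(d["ts"])
        d["secs"] = float(d["secs"])
        d["cached"] = d["cached"] == "1"
        d["size"] = int(d["size"])
        replies.append(d)
    return replies


def summarize(replies):
    """Replies per client (which forwarders actually reach Unbound) and the
    list of answers whose rcode is not NOERROR, in log order."""
    per_client = Counter(r["client"] for r in replies)
    failures = [r for r in replies if r["rcode"] != "NOERROR"]
    return per_client, failures


if __name__ == "__main__":
    clients, bad = summarize(parse_replies(SAMPLE_LOG))
    print(dict(clients))
    for r in bad:
        print(r["ts"], r["client"], r["qname"], r["qtype"], r["rcode"])
```

Run it against /var/log/unbound.log instead of SAMPLE_LOG to see whether the domain controller that returned NXDOMAIN to a client ever sent that query on to Unbound, and what Unbound answered.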

