Date: Wed, 21 Mar 2007 13:23:39 -0700 From: Chuck Swiger <cswiger@mac.com> To: Doug Poland <doug@polands.org> Cc: questions@freebsd.org Subject: Re: OT: how to read BIND's debug file (named.run) Message-ID: <D1CC0867-0721-44D4-9C5D-A5577022325C@mac.com> In-Reply-To: <56280.69.129.174.18.1174501043.squirrel@email.polands.org> References: <56280.69.129.174.18.1174501043.squirrel@email.polands.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Doug--
On Mar 21, 2007, at 11:17 AM, Doug Poland wrote:
[ ...named logs... ]
> I trimmed out date/time stamp and it's obvious what the client,
> IP#port, query: name are for. Also, I get what the: IN A MX SOA
> PTR flags are. But what do the following characters mean?
>
> -
> +
> AAAA -
> AAAA +
> -E
>
> I googled and did a little experimenting with dig but sure would be
> nice if there's a document out there that describes all these.
Using the source (/usr/src/contrib/bind9/bin/named/query.c) suggests:
ns_client_log(client, NS_LOGCATEGORY_QUERIES,
NS_LOGMODULE_QUERY,
level, "query: %s %s %s %s%s%s", namebuf,
classname,
typename, WANTRECURSION(client) ? "+" : "-",
(client->signer != NULL) ? "S": "",
(client->opt != NULL) ? "E" : "");
AAAA refers to an IPv6 address lookup, similar to an IPv4 "A"
lookup. "+" or "-" indicates whether the client requested recursion,
and perhaps suggests whether it infers whether it should be talking
to a nameserver which is authoritative for a given zone. "S" would
indicate the response was cryptographically signed using TSIG or
whatever BIND's nickname for PKI is, and "E" seems to indicate
whether one of the following two options is set:
/*
* This option is deprecated since we now only consider nibbles.
#define DNS_BYADDROPT_IPV6NIBBLE 0x0001
*/
#define DNS_BYADDROPT_IPV6INT 0x0002
--
-Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D1CC0867-0721-44D4-9C5D-A5577022325C>