BIND LOGGING
------------

By default, logs from named are sent to /var/log/messages via syslog.
Let's make BIND log in a more detailed fashion.

On MASTER:

1. Create the log directory:

    # mkdir /etc/namedb/log
    # chown bind /etc/namedb/log

2. Edit /etc/namedb/named.conf, find the end of the "options" section,
   and create the "logging" section:

    options {
        ...
    };

    // - - - - - - - - - - - - - - - cut below - - - - - - - - - - - - - - -

    logging {
        // Channels
        channel transfers {
            file "/etc/namedb/log/transfers" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel notify {
            file "/etc/namedb/log/notify" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel dnssec {
            file "/etc/namedb/log/dnssec" versions 3 size 10M;
            print-time yes;
            severity info;
        };
        channel query {
            file "/etc/namedb/log/query" versions 5 size 10M;
            print-time yes;
            severity info;
        };
        channel general {
            file "/etc/namedb/log/general" versions 3 size 10M;
            print-time yes;
            severity info;
        };

        // Categories
        category xfer-out { transfers; };
        category xfer-in { transfers; };
        category notify { notify; };
        category lame-servers { general; };
        category config { general; };
        category default { general; };
        category security { general; };
        category dnssec { dnssec; };
        // category queries { query; };
    };

    // - - - - - - - - - - - - - - - cut above - - - - - - - - - - - - - - -

   Save and exit the file, and TEST that it works:

    # named-checkconf /etc/namedb/named.conf

3. Now reconfig or restart bind:

    # rndc reconfig

   - Look into /etc/namedb/log/, and see if the files get created.

   If it doesn't work, try:

   - checking permissions for /etc/namedb/log
   - restarting named (/etc/rc.d/named restart)

4. Do a zone transfer of your own domain:

    # dig @master.grpX.ws.nsrc.org AXFR MYTLD
    ...

   - Verify that the transfer shows up in /etc/namedb/log/transfers:

    17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
    17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended
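
Once the transfers channel is writing to its own file, it can be reviewed automatically. The following Python script is an added example, not part of the original lab: it parses lines in the format shown above and reports transfers started by clients outside an expected set of networks, plus transfers that started but never logged "ended". The allowed networks, the function name and the last three sample lines are constructed assumptions.

```python
import ipaddress
import re

# Matches the line format shown in this lab (channel with "print-time yes").
# Other BIND versions may add fields; adjust the pattern if yours does.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"client (?P<ip>[0-9A-Fa-f.:]+)#(?P<port>\d+): "
    r"transfer of '(?P<zone>[^']+)': (?P<kind>AXFR|IXFR) (?P<event>started|ended)"
)

# Assumption: networks from which zone transfers are expected (e.g. your slaves).
ALLOWED = ["127.0.0.0/8", "10.10.0.0/24"]

# First two lines are from the lab text; the rest are constructed samples.
SAMPLE_LOG = """\
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:18:15.331 client 127.0.0.1#61235: transfer of 'MYTLD/IN': AXFR ended
17-Feb-2011 11:42:07.120 client 192.0.2.77#40112: transfer of 'MYTLD/IN': AXFR started
17-Feb-2011 11:42:07.480 client 192.0.2.77#40112: transfer of 'MYTLD/IN': AXFR ended
17-Feb-2011 12:03:51.004 client 10.10.0.2#53311: transfer of 'MYTLD/IN': AXFR started
"""

def audit_transfers(lines, allowed_nets):
    """Return (unexpected, unfinished) transfers found in the log lines."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    open_xfers = {}   # (ip, port, zone) -> timestamp of "started"
    unexpected = []   # transfers started by clients outside allowed_nets
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a transfer line in the expected format
        key = (m["ip"], m["port"], m["zone"])
        if m["event"] == "started":
            open_xfers[key] = m["ts"]
            addr = ipaddress.ip_address(m["ip"])
            if not any(addr in net for net in nets):
                unexpected.append((m["ts"], m["ip"], m["zone"], m["kind"]))
        else:
            open_xfers.pop(key, None)  # matching "ended" closes the transfer
    unfinished = [(ts, ip, zone) for (ip, _port, zone), ts in open_xfers.items()]
    return unexpected, unfinished

if __name__ == "__main__":
    unexpected, unfinished = audit_transfers(SAMPLE_LOG.splitlines(), ALLOWED)
    for ts, ip, zone, kind in unexpected:
        print(f"UNEXPECTED {kind} of {zone} by {ip} at {ts}")
    for ts, ip, zone in unfinished:
        print(f"UNFINISHED transfer of {zone} by {ip} started {ts}")
```

To run it against the real file, pass open("/etc/namedb/log/transfers") as the first argument instead of the sample lines.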