wiki:Bind9Logging

This is just a quick list of the logging-related features in BIND 9. We can use this to evaluate what is needed, required, or desired for BIND 10.

  • At startup, errors go to default destinations (because configuration not parsed yet).
  • Default logging configurations are not well documented, so enabling logging for one thing may also change logging for others.
  • If named is run with -g for foreground mode, then no logging is done and everything is sent to STDERR instead.
  • It can have a system-wide debugging level (rndc trace).
  • BIND 9's code logs each message with a category, a module, and a severity level; the message itself is a text string. A message is logged when it matches the configuration as defined below (category and severity level).
  • module is for extracting logging streams by source module rather than by category, e.g. "show me anything that lib/dns/zone.c is doing". Note: this is not configurable in BIND 9.
  • Identical log messages can be sent to different channels (duplicated).
  • Some messages may have a DNS message validator context number (like @0x7f7ffa743000), but it is not guaranteed to be unique, so following it may be misleading.
  • Debug messages are also sent using the logging mechanism. Debug levels range from 1 to 100. High numbers are for details most useful to BIND developers and not to users of the software. These are also called traces.
  • A logging destination and severity level configuration is called a channel.
  • A severity may be defined for the channel, such as critical, error, warning, notice, info, debug, or dynamic.
    • These may be syslog priorities (other than dynamic), and they are also used when saving to a file.
    • It will match for higher severities also (like error will also match critical but not notice).
    • The debug severity can have a debug number also. It will match that debug level or lower numbers.
    • The dynamic severity is used for a server-wide debug level. It will match everything at that debug level.
  • A channel may be set to:
    • null to discard any logs sent to it
    • STDERR
    • a filename
      • a maximum size limit can be defined.
      • files can have a number of rotated versions. BIND 9 will do this rotation for you. The oldest log is discarded (unless unlimited versions is chosen).
    • syslogger
      • a syslog facility can be defined (such as daemon or local0 or others)
  • The category name, date/time stamp, and/or severity level can be included with the logging output (this is configurable per channel).
  • The default channels are:
    • syslogging to the "daemon" facility for severity info (and higher).
    • debug writes to a file named named.run at severity dynamic, so it receives any logs that match the server's current debug level.
    • stderr writes to stderr at severity info (and higher).
    • null -- everything is dropped
  • The possible categories are:
    • client
    • config
    • database
    • default
    • delegation_only
    • dispatch
    • dnssec
    • edns_disabled
    • general
    • lame_servers
    • network
    • notify
    • queries
    • query_errors
    • resolver
    • security
    • unmatched
    • update
    • update_security
    • xfer_in
    • xfer_out
  • A configuration for a category selects the channel(s) it will go to (which defines the severity level and destination).
  • Logging to the syslog channel and the debug channel is enabled if logging is not configured for a category.
Last modified on Aug 30, 2010, 10:44:37 PM