[Pdns-users] PowerDNS 3.1 does not log "not authoritative for" messages

[Peter van Dijk]

Hello,

On Sep 11, 2013, at 8:34 , Dutch wrote:

> After installing a new PowerDNS 3.1 server we discovered that "Not
> authoritative for '<domain>', sending servfail to <ip>" messages are not
> being logged anymore. Also PowerDNS responds with a "no answer" instead of
> "SERVFAIL" when we query for a non-existing domain. PowerDNS 2.9 does log
> these messages and answers with a SERVFAIL. Both configuration files are
> exactly the same and both databases are in sync and do contain the same
> domains/records.
> 
> The problem is that we need to know which domains are being queried and are
> non-existing. Any way to restore this functionality within 3.1 or any reason
> available why it is phased out in 3.X?


The specific log message was removed for no specific reason, during a massive rewrite of the PowerDNS packet handler code in 2010.

'No answer' (empty non-aa NOERROR) is how 3.0 and up report "I have no idea" because this yields better interoperability than the SERVFAIL response of 2.9.x.

I can't think of a way to restore it within 3.1, but I think if you filed a ticket at https://github.com/PowerDNS/pdns/issues requesting that log-dns-details logs queries for domains that PowerDNS is not aware of, we'd be happy to implement it for the next release.

Kind regards,
-- 
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20130916/9a4f6816/attachment-0001.sig>