[Pdns-users] PowerDNS 3.1 does not log "not authoritative for" messages
Peter van Dijk
peter.van.dijk at netherlabs.nl
Mon Sep 16 08:22:21 UTC 2013
On Sep 11, 2013, at 8:34 , Dutch wrote:
> After installing a new PowerDNS 3.1 server we discovered that "Not
> authoritative for '<domain>', sending servfail to <ip>" messages are not
> being logged anymore. Also PowerDNS responds with a "no answer" instead of
> "SERVFAIL" when we query for a non-existing domain. PowerDNS 2.9 does log
> these messages and answers with a SERVFAIL. Both configuration files are
> exactly the same and both databases are in sync and do contain the same
> The problem is that we need to know which domains are being queried and are
> non-existing. Any way to restore this functionality within 3.1 or any reason
> available why it is phased out in 3.X?
The specific log message was removed for no specific reason, during a massive rewrite of the PowerDNS packet handler code in 2010.
'No answer' (empty non-aa NOERROR) is how 3.0 and up report "I have no idea" because this yields better interoperability than the SERVFAIL response of 2.9.x.
I can't think of a way to restore it within 3.1, but I think if you filed a ticket at https://github.com/PowerDNS/pdns/issues requesting that log-dns-details logs queries for domains that PowerDNS is not aware of, we'd be happy to implement it for the next release.
Peter van Dijk
Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Pdns-users