-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Tue, 12 Nov 2019, Tony Finch wrote:
Erich Eckner <b...@eckner.net> wrote:
I have also a hard time, generating some useful debug output
- setting `-d 9` does not give additional information in the system log.
You might find it is being written to the file named.run in named's
working directory (this is the default_debug logging channel
configuration). I generally use `rndc trace 11` to tell named to log
details of resolution and validation, including sent and received DNS
mesaages. It's very verbose but it can tell you what is happening to your
.onion queries.
Thanks! I now get the desired log. I noticed, that there were *no* queries
sent by the dns server at all (even when asking for subdomains of
onion.eckner.net - which were successfully resolved by tor). I
suspected, that the slave "." zone superseeds every other zone I have,
and confirmed that by commenting out the other (slaved opennic) tlds which
did *not* break the resolving.
I replaced "." by a hint zone and now it works as intended:
- - opennic tlds are resolved via their slave zones (before, they were not:
I could comment them out and still resolve)
- - normal tlds are resolved via hint root zone (I think)
- - onion. is forwarded to tor
thanks a lot!
I have another (minor) question, though:
To my understanding, the difference between "forward first;" and "forward
only;" is, that the former caches and the latter forwards all queries.
However, I see the same behaviour in the log for both. Where is my
mistake?
cheers,
Erich
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAl3KsgIACgkQCu7JB1Xa
e1o+rg/8Cdvrih+r9bYtwGSu12GTQtzVrSJY8Xtmjcoh4O4QJPZ/CRCEP/q3ok2Z
mgDVoVp+whJRnVZJIPHJKx+Iq8PJ5Gp9RTH26gWpZ4jMxpilTnSLC9SVY5CSsMeY
CFZ6A5QEGg5I2fzZKVUa6CbKW/3AjqrcbOASoORarWEdZRIv9U/CwfS8D0o2zywW
rH4CEqVswx0SWwFtBLkY5+C/90AkEOB40W1RJymHMJK3+r+AQdnj/p3BXHwA2VbD
8R4tK3VoTWd4exuXet8JCvGHM7uJZVBfkChGy+uCBiY9oY0CHLGnc1dEp0E4QcVX
6V58YHehPgYJ4S1OQVJzk4F2I3PD4Bp47pKCxOhTwhRt9VnlYCK3XGD0sOSbccJa
KxloL3D8RLSE7l/kQk7mcnH2cdSZVCuJUPYraK38zBumwh6uFGKHiRyhYWhsBZEU
ODdDn1hPsPfe/X/cEdBMpt/zv2J7HMrm15MBYDCxw3obnmPlsibc4ztlf71yyflN
lJJvvkJgDmT+jpjazVWs/1NJd7vvTp6QrsQwPnGjQNTxmh+FDvTP6BT9qWjQxcd8
bFgqdziI7gFH26FwfzKpC9TkZFxga4Bg5PI5F2M1k0sAEe7ykwsOvukQVNZL9VYO
CD/s5qpvrmAEuI5oO49oYiY4+7tfxOrxyY0CumRoWObpmq+zRJc=
=9vdi
-----END PGP SIGNATURE-----
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
