DNS resolver not logging correctely

  • I have added the costum option (log-queries: yes) so that unbound record all the DNS queries, but it is behaving incorrectly, it's only logging the DNS queries from one host of my LAN. any solution??

  • LAYER 8 Global Moderator

    Yeah have your other hosts actually use unbound vs something else ;)  If its logging 1 host, then its logging.. The only reason it wouldn't be logging your other hosts would be that those hosts are not even asking it ;) hehehe

    Here I turned it on.. You can see queries from 3 different hosts on 2 different networks, in like 10 seconds of turning it on.

  • All the hosts in the LAN are configured the same way to use the DNS server provided by pfsense, I still don't know why they are not logged in the DNS queries

  • LAYER 8 Global Moderator

    Because they didn't make a query would be my guess ;)  You need to actually Verify they are doing queries if your saying they are not logging..  So lets see the logs of your 1 client, and then what query are you saying is not being logged?

    Are these clients behind a wifi router that you thought you were using as AP, but its really natting so your only seeing the query in the log from its IP address?

    So from a client do a dig or nslookup or drill.. So it shows you doing a query to pfsense?  Sniff on pfsense interface they are doing the query too.. Do you see the query?

    > dig www.pfsense.org
    ; <<>> DiG 9.11.0-P1 <<>> www.pfsense.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31348
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
    ; EDNS: version: 0, flags:; udp: 4096
    ;www.pfsense.org.               IN      A
    www.pfsense.org.        300     IN      A
    pfsense.org.            218     IN      NS      ns2.netgate.com.
    pfsense.org.            218     IN      NS      ns1.netgate.com.
    ;; Query time: 35 msec
    ;; SERVER:
    ;; WHEN: Mon Dec 05 03:42:32 Central Standard Time 2016
    ;; MSG SIZE  rcvd: 107

    You can see here what IP did query too..
    ;; SERVER:

    If I do a nslookup you can see what server its going to ask.

    Default Server:  pfsense.local.lan

Log in to reply