DNS resolver not logging correctely
-
I have added the costum option (log-queries: yes) so that unbound record all the DNS queries, but it is behaving incorrectly, it's only logging the DNS queries from one host of my LAN. any solution??
-
Yeah have your other hosts actually use unbound vs something else ;) If its logging 1 host, then its logging.. The only reason it wouldn't be logging your other hosts would be that those hosts are not even asking it ;) hehehe
Here I turned it on.. You can see queries from 3 different hosts on 2 different networks, in like 10 seconds of turning it on.
-
All the hosts in the LAN are configured the same way to use the DNS server provided by pfsense, I still don't know why they are not logged in the DNS queries
-
Because they didn't make a query would be my guess ;) You need to actually Verify they are doing queries if your saying they are not logging.. So lets see the logs of your 1 client, and then what query are you saying is not being logged?
Are these clients behind a wifi router that you thought you were using as AP, but its really natting so your only seeing the query in the log from its IP address?
So from a client do a dig or nslookup or drill.. So it shows you doing a query to pfsense? Sniff on pfsense interface they are doing the query too.. Do you see the query?
> dig www.pfsense.org ; <<>> DiG 9.11.0-P1 <<>> www.pfsense.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31348 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.pfsense.org. IN A ;; ANSWER SECTION: www.pfsense.org. 300 IN A 208.123.73.69 ;; AUTHORITY SECTION: pfsense.org. 218 IN NS ns2.netgate.com. pfsense.org. 218 IN NS ns1.netgate.com. ;; Query time: 35 msec ;; SERVER: 192.168.9.253#53(192.168.9.253) ;; WHEN: Mon Dec 05 03:42:32 Central Standard Time 2016 ;; MSG SIZE rcvd: 107
You can see here what IP did query too..
;; SERVER: 192.168.9.253#53(192.168.9.253)If I do a nslookup you can see what server its going to ask.
nslookup
Default Server: pfsense.local.lan
Address: 192.168.9.253