Enable DNS logging Not Working
Hi, I've got a new dns-only name server running and I want to make sure it's processing dns queries. So to do this, I normally do this to enable it:
root [/var/log]# rndc querylog
But I'm getting this message:
WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf)
And when I do tail -f /var/log/messages, I do not see it logging any dns queries. When I perform nslookup xyz.com localhost it returns results showing me that bind is working, but nothing is logged.
This is on Centos-release-7-2.1511.el7.centos.2.10.x86_64, whm 54 build 19
Ideas?
Hello :) Have you tried using "dig @localhost" or the "dig" command from another server to see if that populates entries in /var/log/messages? The error message you referenced is a warning and should not prevent the command from succeeding. Thank you.
Hello, I'm getting exactly the same error. DNS works normally, I did not detect any problems. But I would like to remove this warning since it is making the munin-node.log file get very large.
Hello,
First, run the following commands to back up the existing configuration in case you need to restore it:
cp -a /etc/named.conf /etc/named.conf.backup
cp -a /etc/rndc.key /etc/rndc.key.backup
Then, as a workaround to the Bind issue you have reported, you could copy the existing key file with a new name (be sure to keep the new file in the /etc/ directory). EX:
cp -a /etc/rndc.key /etc/rndc123.key
Next, replace the following line in the /etc/named.conf file:
include "/etc/rndc.key";
With:
include "/etc/rndc123.key";
Once you do this, you can remove /etc/rndc.key and restart the Named service:
rm /etc/rndc.key
/scripts/restartsrv_named
This should prevent the warning message from appearing. Thank you.
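The steps in the reply above, written as one shell function that verifies each step before the old key is deleted and rolls back otherwise. This is an added example, not part of the thread or of cPanel's tooling; the names rename_rndc_key and demo are hypothetical, the demo files are constructed, and named-checkconf is called only where BIND's checker is installed.

```shell
#!/usr/bin/env bash
# Added example, not from the thread: the rename workaround with a check
# after each step. Paths are arguments so it can be rehearsed on copies.
rename_rndc_key() {
    local conf=$1 old_key=$2 new_key=$3 tmp
    [ -f "$conf" ] && [ -f "$old_key" ] || { echo "missing input file" >&2; return 1; }
    [ ! -e "$new_key" ] || { echo "$new_key already exists" >&2; return 1; }
    grep -qF "include \"$old_key\";" "$conf" ||
        { echo "$conf does not include $old_key" >&2; return 1; }

    # Backups and the copy, as in the post; -a preserves owner and mode,
    # which matters because the key file holds the rndc shared secret.
    cp -a "$conf" "$conf.backup" && cp -a "$old_key" "$old_key.backup" &&
        cp -a "$old_key" "$new_key" || return 1

    # Rewrite the include line; write back in place to keep owner and mode.
    tmp=$(mktemp) || return 1
    sed "s|include \"$old_key\";|include \"$new_key\";|" "$conf" > "$tmp" &&
        cat "$tmp" > "$conf"
    rm -f "$tmp"

    # Delete the old key only if the config now points at an identical copy
    # and (where BIND's checker is installed) still parses.
    if grep -qF "include \"$new_key\";" "$conf" &&
       ! grep -qF "include \"$old_key\";" "$conf" &&
       cmp -s "$old_key" "$new_key" &&
       { ! command -v named-checkconf >/dev/null || named-checkconf "$conf"; }
    then
        rm -f "$old_key"
        return 0
    fi
    # Otherwise roll back to the backup and leave the original key alone.
    cp -a "$conf.backup" "$conf"
    rm -f "$new_key"
    echo "verification failed, $conf restored" >&2
    return 1
}

# Rehearsal on constructed files in a scratch directory (not real keys).
demo() {
    local d; d=$(mktemp -d) || return 1
    printf 'key "rndc-key" { algorithm hmac-sha256; secret "Y29uc3RydWN0ZWQ="; };\n' > "$d/rndc.key"
    chmod 600 "$d/rndc.key"
    printf 'include "%s/rndc.key";\ncontrols { inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; }; };\n' \
        "$d" > "$d/named.conf"
    rename_rndc_key "$d/named.conf" "$d/rndc.key" "$d/rndc123.key" && echo "$d"
}
```

With the paths from the post, the call would be rename_rndc_key /etc/named.conf /etc/rndc.key /etc/rndc123.key, followed by /scripts/restartsrv_named only if it returns success.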
It worked perfectly, thank you Michael!