Recipe13.15.Enabling DNS Server Debug Logging

Previous page
Table of content
Next page

Recipe 13.15. Enabling DNS Server Debug Logging

Problem

You want to enable DNS debug logging to troubleshoot issues related to DNS queries or updates.

Solution

Using a graphical user interface

  1. From the Administrative Tools, open the DNS snap-in (dnsmgmt.msc).

  2. Connect to the DNS Server you want to modify. In the left pane, right-click on DNS and select Connect to DNS Server. Select The following computer and enter the target server name. Click OK.

  3. Right-click on the server and select Properties.

  4. Click on the Debug Logging tab (or the Logging tab for Windows 2000).

  5. Select what you want to log and the location of the log file (the log file location is hardcoded to %systemroot%\system32\dns\dns.log on Windows 2000).

  6. Click OK.

Using a command-line interface

Use the following four commands to enable debug logging. For the log level add together the event codes you want logged and specify the result in hex. The available event codes are listed in Table 13-2.

> dnscmd <ServerName> /Config /LogLevel <EventFlagSumInHex>

Table 13-2. DNS debug logging event codes

Hexadecimal value

Decimal value

Descriptions

0x0

0

No logging. (This is the default)

0x1

1

Queries transactions

0x10

16

Notifications transactions

0x20

32

Updates transactions

0xFE

254

Non-queries transactions

0x100

256

Question packets

0x200

512

Answer packets

0x1000

4096

Send packets

0x2000

8192

Receive packets

0x4000

16384

UDP packets

0x8000

32768

TCP packets

0xFFFF

65535

All packets

0x10000

65536

AD write transactions

0x20000

131072

AD update transactions

0x1000000

16777216

Full packets

0x80000000

2147483648

Write-through transactions


Use the following command to specify the location of the log file:

> dnscmd <ServerName> /Config /LogFilePath <DirectoryAndFilePath>

Use the following command to log only entries that pertain to certain IP addresses:

> dnscmd <ServerName> /Config /LogIPFilterList <IPAddress1>[,<IPAddress2>...]

Use the following command to specify the maximum log file size:

> dnscmd <ServerName> /Config /LogFileMaxSize <NumberOfBytesInHex>

Use the following command to disable debug logging:

> dnscmd <ServerName> /Config /LogLevel 0

Using VBScript
' This code enables DNS debug logging. ' ------ SCRIPT CONFIGURATION ------ strServer     = "<ServerName>"           ' e.g., dc1 ' The log level must be in decimal, not hex like dnscmd intLogLevel   = <EventFlagSumInDecimal>     ' e.g., 65535 arrFilterList = Array("<IPAddress1>")       ' e.g., 192.168.1.12 strFilePath   = <DirectoryAndFilePath>      ' e.g., c:\dnslog.txt intFileSize   = <NumberOfBytesInDecimal>    ' e.g., 50000000 ' ------ END CONFIGURATION ---------     set objDNS = GetObject("winMgmts:\\" & strServer & "\root\MicrosoftDNS") set objDNSServer = objDNS.Get("MicrosoftDNS_Server.Name="".""") objDNSServer.LogLevel = intLogLevel objDNSServer.LogIPFilterList = arrFilterList objDNSServer.LogFilePath = strFilePath objDNSServer.LogFileMaxSize = intFileSize objDNSServer.Put_ WScript.Echo "Enabled DNS Debug Logging on " & strServer     ' To disable debug logging, set the intLogLevel variable to 0

Discussion

With the DNS Server debug log, you can record all DNS operations received and initiated by the server, including queries, updates, zone transfers, etc. If you need to troubleshoot a particular host, you can use the LogIPFilterList setting in dnscmd or the WMI DNS Provider to restrict the log to operations performed only for or by that host.

The most important debug log setting is the log level. With the DNS snap-in, you can select from a list of available options. With Windows Server 2003, the DNS snap-in provides an intuitive interface for selecting the required options. On Windows 2000, you are presented with a list of check boxes and you have to figure out which ones need to be used in conjunction with one another. You have a similar issue with CLI and VBScript solutions, where you need to determine what log level you want to set.

Table 13-2 contains all of the event codes with their hexadecimal and decimal values.

DNS debug logging can come in handy if you want to look at the dynamic update requests a particular DNS Server is processing. For example, if a client or DHCP server is attempting to dynamically register records, you can enable the Update Transactions log category on the DNS Server you think should be processing the updates. If you don't see any update transactions, that can indicate another server is processing the dynamic update requests.

Transactions are not immediately written to the debug log file as they occur. They are buffered and written to the file after a certain number of requests are processed.


See Also

MSDN: MicrosoftDNS_Server


Previous page
Table of content
Next page
Windows Server Cookbook
Windows Server Cookbook for Windows Server 2003 and Windows 2000
ISBN: 0596006330
EAN: 2147483647
Year: 2006
Pages: 380
Authors: Robbie Allen
BUY ON AMAZON
CISSP Exam Cram 2
Certified Ethical Hacker Exam Prep
Image Processing with LabVIEW and IMAQ Vision
Competency-Based Human Resource Management
Special Edition Using FileMaker 8
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy