HPE Community
Operating System - HP-UX
1847258 Members
2725 Online
110263 Solutions
New Discussion

Name Server Cache

 
SOLVED
Go to solution
David Crowe
Advisor

‎08-24-2001 07:08 AM

‎08-24-2001 07:08 AM

Name Server Cache

What I am looking for is a method of seeing what external addresses have been queried. Such as if someone sends an email to HP.COM is there a way of just seeing that entry and entries like it in the cache or do I need to look at the named_dump.db and remove all of the local information?

A 2nd part to this question is is there a method of removing an entry out of this cache without having to stop and start the named process?
0 Kudos
Reply
3 REPLIES 3
Kevin Wright
Honored Contributor

‎08-24-2001 11:01 AM

‎08-24-2001 11:01 AM

Re: Name Server Cache

Not sure I quite understand your first question, but for the second part of clearing the cache, I think you have to stop/start named to do so...

for part one..to look at the cache, look at the db file created from the sigiNT, don't know what you mean by removing local info.
0 Kudos
Reply
John Bolene
Honored Contributor

‎08-24-2001 11:13 AM

‎08-24-2001 11:13 AM

Re: Name Server Cache

Yes, you do have to stop and restart named to clear the cache. A good way is to sig_named kill and then /usr/sbin/named, this causes about a few seconds of DNS outage, most folks will never notice.

Not sure how to tell what external IP's have been referenced.

Curious why you would want to do this, auditors or porn sites?

You can always turn on debug and have the output go to a log and then scan the log. Use sig_named debug 1 to turn on the logging, and sig_named debug 0 to turn it off.
It is always a good day when you are launching rockets! http://tripolioklahoma.org, Mostly Missiles http://mostlymissiles.com
0 Kudos
Reply
Sachin Patel
Honored Contributor

‎08-24-2001 12:34 PM

‎08-24-2001 12:34 PM

Solution

Re: Name Server Cache

Hi David,
If you are using BIND 4.9.7 or BIND 8.X then you can user category "queries" to log all the queries in to the log file. This statment goes in to the named.boot or /etc/named.conf file like

logging {
category queries {default_debug;};
};

Ans 2: On BIND 8.x you can specify cleaning interval for cache

options { cleaning-interval 120;
};
It is 120 minutes.

Sachin
Is photography a hobby or another way to spend $
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.