12-25-2012 06:20 AM - edited 03-05-2019 06:49 AM
Hi,
I have enabled DNS server in my Cisco router. I want the log of FQDN of the source IP, means, I want each DNS request log from the user IP. Which IP is requesting which FQDN should be logged? Is it possible?
Yours,
Mero
12-25-2012 12:29 PM
Configure the following in config mode:
access-list 101 permit udp any any eq domain
access-list 101 permit udp any eq domain any
and then run the command "debug ip packet 101" and you will start getting all DNS query logs in the logs...
---
Posted by WebUser Neeraj Jagga from Cisco Support Community App
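As an added example (not part of the original posts and not Cisco code), this Python parser tallies, per client address, the packets that "debug ip packet 101" reports as sent to the router's DNS service. The sample lines are constructed, the line layout is an assumption that varies by IOS release, and the function name and addresses are hypothetical; the lines assumed here carry source, destination and length only, so the tally is per client IP, not per queried name.

```python
import re
from collections import Counter

# Constructed sample of "debug ip packet 101" output (layout is an assumption;
# real output differs between IOS releases). Addresses are made up.
SAMPLE = """\
*Dec 25 12:31:02.115: IP: s=192.168.1.10 (FastEthernet0/0), d=192.168.1.1, len 61, rcvd 3
*Dec 25 12:31:02.119: IP: s=192.168.1.1 (local), d=192.168.1.10 (FastEthernet0/0), len 77, sending
*Dec 25 12:31:03.440: IP: s=192.168.1.22 (FastEthernet0/0), d=192.168.1.1, len 58, rcvd 3
*Dec 25 12:31:03.902: IP: s=192.168.1.10 (FastEthernet0/0), d=192.168.1.1, len 64, rcvd 3
%SYS-5-CONFIG_I: Configured from console by console
"""

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
# s=<src> [(interface)], d=<dst> [(interface)], len <n>
LINE = re.compile(
    rf"IP: s=(?P<src>{IPV4})(?: \([^)]*\))?, "
    rf"d=(?P<dst>{IPV4})(?: \([^)]*\))?, len (?P<len>\d+)"
)


def dns_packets_per_client(log_text, dns_server_ip):
    """Count packets each client sent to dns_server_ip.

    ACL 101 matches both directions (to and from UDP port 53), and the
    assumed log lines show no ports, so direction is inferred from the
    destination address: only packets addressed to the DNS server count.
    """
    counts = Counter()
    for line in log_text.splitlines():
        match = LINE.search(line)
        if match is None:
            continue  # unrelated syslog line
        if match["dst"] == dns_server_ip and match["src"] != dns_server_ip:
            counts[match["src"]] += 1
    return counts


if __name__ == "__main__":
    for client, n in dns_packets_per_client(SAMPLE, "192.168.1.1").most_common():
        print(f"{client}\t{n}")
```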
12-25-2012 11:08 AM
Hi Mero,
I am not aware of any such logging in Cisco IOS. In fact, I operate small deployments of standalone ISC DNS servers and even they do not perform this logging by default. I do not think this would be a particularly good idea, anyway: clients perform hundreds of DNS lookups within a single minute. Logging all of this, and even more, translating the clients' IP addresses back to their FQDNs, would generate an awful lot of logging information, plus immense DNS traffic (recall that the resolution from an IP back to FQDN is also performed in DNS using PTR records).
Is there any special reason for you to do this logging?
Best regards,
Peter