Is there any way to log authoritative zone queries from the outside? Or otherwise a way to monitor/view them?
Hi anonymous fongaboo,
NSD doesn't log queries itself. You have to use tcpdump or dnscap with a
filter like "port 53" to capture all DNS traffic arriving at the server,
and then parse the generated pcap file, for example.
Regards,
Anand
Thank you!
Trying to run Unbound on FreeBSD 10.1. Following this tutorial:
https://www.linkedin.com/pulse/20140913172910-54816370-how-to-run-master-nsd-on-freebsd-10-0
However that is for 10.0. Don't know if it makes a difference. However I did notice that the NSD tutorial I followed made some distinct instructions for 10.0 vs. 10.1.
I copied a conf file I had from a previous FreeBSD installation. I believe it was 10.0 in that case. However the conf file checks out with unbound-checkconf.
However when I run either...
unbound-control start
*or*
unbound -c /etc/unbound/unbound.conf
...I get:
[1437336832] unbound[69115:0] warning: too many file descriptors requested. The builtin mini-event cannot handle more than 1024. Config for less fds or compile with libevent
[1437336832] unbound[69115:0] warning: continuing with less udp ports: 211
[1437336832] unbound[69115:0] debug: switching log to syslog
Any suggestions? The only discussion I can find about this error suggests compiling differently... But now that Unbound is part of the FreeBSD standard install, I would not expect to need to (re)compile anything.
TIA
Oops I pasted the wrong tutorial in my email...
But nevermind anyway, because I discovered I should be using /etc/rc.d/local_unbound in FreeBSD 10.1 rather than standard unbound.
This is still a fairly recent development, so it makes it somewhat confusing when Googling and finding the existing tutorials for using stock Unbound.
OMG I am batting 1000... Realizing that I posted to the NSD group instead of the Unbound group... 
*nothing to see here* *slowly backs away*