13.15. Enabling DNS Server Debug Logging

Problem

You want to enable DNS debug logging to troubleshoot issues related to DNS queries or updates.

Solution

Using a graphical user interface

  1. From the Administrative Tools, open the DNS snap-in (dnsmgmt.msc).

  2. Connect to the DNS Server you want to modify. In the left pane, right-click on DNS and select Connect to DNS Server. Select The following computer and enter the target server name. Click OK.

  3. Right-click on the server and select Properties.

  4. Click on the Debug Logging tab (or the Logging tab for Windows 2000).

  5. Select what you want to log and the location of the log file (the log file location is hardcoded to %systemroot%\system32\dns\dns.log on Windows 2000).

  6. Click OK.

Using a command-line interface

Use the following four commands to enable debug logging. For the log level add together the event codes you want logged and specify the result in hex. The available event codes are listed in Table 13-2.

> dnscmd <ServerName> /Config /LogLevel <EventFlagSumInHex>

Table 13-2. DNS debug logging event codes

Hexadecimal value

Decimal value

Descriptions

0x0

0

No logging. (This is the default)

0x1

1

Queries transactions

0x10

16

Notifications transactions

0x20

32

Updates transactions

0xFE

254

Non-queries transactions

0x100

256

Question packets

0x200

512

Answer packets

0x1000

4096

Send packets

0x2000

8192

Receive packets

0x4000

16384

UDP packets

0x8000

32768

TCP packets

0xFFFF

65535

All packets

0x10000

65536

AD write transactions

0x20000

131072

AD update transactions

0x1000000

16777216

Full packets

0x80000000 ...

Get Windows Server Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.