2.2.9.1.1 DNS_LOG_LEVELS
The DNS_LOG_LEVELS bit field is a 32-bit integer that specifies the various filters and options that can be configured for the DNS server to log packet exchange information to the server log file. There are four layers of filtering:
Content filter: Filters on the function (that is, the DNS opcode) of the content of a packet.
Type filter: Filters on whether the packet is a question or an answer.
Direction filter: Filters on the network direction of the packet (received or sent).
Transport filter: Filters on the transport mechanism (TCP or UDP).
Since filters are applied independently, and a packet is logged only if allowed by all filters, setting all bits for any given filter to zero indicates that no packets are to be logged.
Bits other than those listed in the following table can be set to any arbitrary value when sent, and MUST be ignored on receipt.
|
Constant/value |
Description |
|---|---|
|
DNS_LOG_LEVEL_QUERY 0x00000001 |
The server allows query packet exchanges through the content filter. |
|
DNS_LOG_LEVEL_NOTIFY 0x00000010 |
The server allows packet exchanges related to zone exchange through the content filter. |
|
DNS_LOG_LEVEL_UPDATE 0x00000020 |
The server allows packet exchanges related to zone updates through the content filter. |
|
DNS_LOG_LEVEL_QUESTIONS 0x00000100 |
The server allows packets containing questions through the type filter. |
|
DNS_LOG_LEVEL_ANSWERS 0x00000200 |
The server allows packets containing answers through the type filter. |
|
DNS_LOG_LEVEL_SEND 0x00001000 |
The server allows packets it sends out through the direction filter. |
|
DNS_LOG_LEVEL_RECV 0x00002000 |
The server allows packets it receives through the direction filter. |
|
DNS_LOG_LEVEL_UDP 0x00004000 |
The server allows UDP packet exchange through the transport filter. |
|
DNS_LOG_LEVEL_TCP 0x00008000 |
The server allows TCP packet exchange through the transport filter. |
|
DNS_LOG_LEVEL_ALL_PACKETS 0x0000FFFF |
The server logs operations that fulfill the following filter set: DNS_LOG_LEVEL_SEND or DNS_LOG_LEVEL_RECV, or DNS_LOG_LEVEL_TCP or DNS_LOG_LEVEL_UDP, or DNS_LOG_LEVEL_QUERY or DNS_LOG_LEVEL_NOTIFY or DNS_LOG_LEVEL_UPDATE, or DNS_LOG_LEVEL_QUESTIONS or DNS_LOG_LEVEL_ANSWERS. |
|
DNS_LOG_LEVEL_DS_WRITE 0x00010000 |
Independent of the values of the other filters, logs Active Directory write operations. |
|
DNS_LOG_LEVEL_DS_UPDATE 0x00020000 |
Independent of the values of the other filters, logs Active Directory polling operations and operations during DNS updates (secure and unsecure) on Active Directory integrated zones. |
|
DNS_LOG_LEVEL_FULL_PACKETS 0x01000000 |
If allowed by the filters, the server logs the entire packet to the log file. |
|
DNS_LOG_LEVEL_UNMATCHED_RESPONSE 0x02000000 |
If allowed by the filters, the server logs response packets that do not match any outstanding query.<65> |
|
DNS_LOG_LEVEL_WRITE_THROUGH 0x80000000 |
If allowed by the filters, the server saves packet logging information to persistent storage. |