What is DNS debug log

DNS debug logging helps to collect and analysis all the critical and low level events happening with domain name system. For example it will log the time of query, context, whether it was TCP or UDP and response etc. All this information can be saved in single text file. Generally its not required, you may need to do this configuration for advance diagnostics purpose.

How to enable DNS logging

You need follow follow following steps.

1. Open DNS servers console.
2. Right click the DNS server name and go to properties.
3. Go to debug logging tab.
4. Check the option “Log packets for debugging”.
5. Select other options according to your requirements.
6. Give the log file path name. In our case its c:\dnsdebuglog.txt
7. Specify dns debug log max size.
8. Click apply and OK.

You will see a file is created on dnsdebuglog.txt is create on the mentioned path.

Fields of debug file

Once DNS debugging is enabled, you will find following fields in log file.

1. Time
2. Thread ID
3. Context
4. Internal packet identifier
5. UDP/TCP indicator
6. Send/Receive indicator
7. Remote IP
8. Xid (hex)
9. Query/Response
   • R = Response
   • blank = Query
10. Opcode
    • Q = Standard Query
    • N = Notify
    • U = Update
    • ? = Unknown
11. [ Flags (hex)
12. 13 Flags (char codes)
    • A = Authoritative Answer
    • T = Truncated Response
    • D = Recursion Desired
    • R = Recursion Available
13. ResponseCode ]
14. Question Type
15. Question Name

DNS Debug Logging PowerShell Commands

“Get-DnsServerDiagnostics” command will show the current DNS debug settings.

“Set-DnsServerDiagnostics” command can be used to change the current debug settings. For example if you run the command “Set-DnsServerDiagnostics -Notifications $True“. This output can be observed in PowerShell command as wall as graphical user interface.

The article was written using Microsoft Windows Server 2019 operating system. If you want to learn more about DNS you can follow our article Introduction to DNS Server.