Document toolboxDocument toolbox

Capturing DNS Responses

Owned by Sri Raghu
Last updated: Sept 06, 2024
1 min read

You can capture DNS responses for the DNS queries sent to the server. The amount of data captured depends on the domains included in or excluded from a capture. A DNS response is based on a query generated for a domain. In the response message, NIOS captures the TTL value of a resource record (RR), the RR’s type, and the resource data.

The following are characteristics of response messages:

  • They log only the answer section and do not include the authority and additional sections.
  • Responses to all queries, including those of type ANY", are logged.
  • If a record has a value other than NOERROR, or if the response is NOERROR (nodata), then the RR list is not available at the end of a response message.
  • Responses to all RR types, including those not managed by NIOS (such as HINFO records), are logged. However, there are exceptions for some of the scenarios that involve DNSSEC records.
  • Responses that contain DNSSEC RRs (DNSKEY, DS, NSEC, NSEC3, NSEC3PARAM, and RRSIG) when queried for non-DNSSEC RRs are not logged. However, responses are logged if a DNSSEC RR is queried explicitly.
  • DNS updates are not logged in responses.