[dns-operations] Capturing 184.108.40.206 Traffic
edmonds at isc.org
Tue Feb 26 00:17:58 UTC 2013
Noel Butler wrote:
> and putting tin foil hat on now :) it would log those requests, and who
> knows what google does with that data, it sure as hell doesnt do it for
> the goodness of the planet, there is a commercial reason behind every
> decision and service they provide.
yes, who knows what google is doing with all that data. they would
never tell us that.
Google Public DNS stores two sets of logs: temporary and permanent.
The temporary logs store the full IP address of the machine you're
using. We have to do this so that we can spot potentially bad things
like DDoS attacks and so we can fix problems, such as particular
domains not showing up for specific users.
We delete these temporary logs within 24 to 48 hours.
In the permanent logs, we don't keep personally identifiable
information or IP information. We do keep some location information
(at the city/metro level) so that we can conduct debugging, analyze
abuse phenomena. After keeping this data for two weeks, we randomly
sample a small subset for permanent storage.
We don't correlate or combine information from our temporary or
permanent logs with any personal information that you have provided
Google for other services.
Finally, if you're interested in knowing what else we log when you
use Google Public DNS, here is the full list of items that are
included in our permanent logs:
* Request domain name, e.g. www.google.com
* Request type, e.g. A (which stands for IPv4 record), AAAA (IPv6
record), NS, MX, TXT, etc.
* Transport protocol on which the request arrived, i.e. TCP or UDP
* Client's AS (autonomous system or ISP), e.g. AS15169
* User's geolocation information: i.e. geocode, region ID, city ID,
and metro code
* Response code sent, e.g. SUCCESS, SERVFAIL, NXDOMAIN, etc.
* Whether the request hit our frontend cache
* Whether the request hit a cache elsewhere in the system (but not in
* Absolute arrival time in seconds
* Total time taken to process the request end-to-end, in seconds
* Name of the Google machine that processed this request, e.g.
* Google target IP to which this request was addressed, e.g. one of
our anycast IP addresses (no relation to the user's IP)
edmonds at isc.org
More information about the dns-operations