[dns-operations] dnstap/duplicate query-ids?

Evan Hunt each at isc.org
Mon Mar 28 03:36:36 UTC 2016


On Sun, Mar 27, 2016 at 09:36:06PM -0400, Jared Mauch wrote:
> These tools are really poorly documented, and the unix socket support
> stuff isn’t great either.. eg: dnstap{ resolve response; }; passes
> named-checkconf but only logs queries.

That should be "resolver response" I think. If it's logging queries
and not responses, that's a bug.  (I'd appreciate it if you'd report
such things to https://www.isc.org/community/report-bug/ or
bind9-bugs at isc.org.)

> None of the dnstap items made it to the named.conf man page but
> are in the other code.

That was an oversight. They're in the ARM but I forgot the
named.conf page.

> I’m trying to see if I can make the DNSTAP stuff work, but it seems
> to only write to a unix socket if something else creates it
> and isn’t self-compatible with dnstap-read to just stream data
> from the unix socket.

There does seem to be a bug in libfstrm. It ought to be able to detect a
reader on the socket and write to it when it's there, and stop writing when
it isn't.  I haven't been able to make that work either; I have to be
running fstrm_capture before named starts, or nothing happens.

(Now that I think about it, giving dnstap-read the ability to read on
the socket so you can take fstrm_capture out of the loop would be a
useful thing to do.)

-- 
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.



More information about the dns-operations mailing list