getting answers from DNS queries
Petr Špaček
pspacek at isc.org
Tue May 3 09:10:30 UTC 2022
On 03. 05. 22 10:56, Gaurav Kansal wrote:
> Or if you are ready to take some pain, then take the mirror from the
> network side, parse the packets and you can achieve whaterver you want
> to do, build beautiful graphs, have reports and what not.
> This will also help in reducing the load on your DNS node by disabling
> the logging completely and you can achieve high QPS.
>
> One such tool which can do all for you is dnsmonster -
> https://github.com/mosajjal/dnsmonster
> <https://github.com/mosajjal/dnsmonster> . Just send mirror traffic to
> this and it will do everything for you.
The major problem with packet mirroring and parsing is that it is
unusable for encrypted transports. For that very reason I think dnstap
is the way to go.
--
Petr Špaček
More information about the bind-users
mailing list