getting answers from DNS queries
Ondřej Surý
ondrej at isc.org
Tue May 3 12:38:10 UTC 2022
> On 3. 5. 2022, at 14:31, Gaurav Kansal <gaurav.kansal at nic.in> wrote:
>
> Yup. But if the DNS infra is under my control, then definitely the keys (which i have used for encryption) will also be with me. Am i missing something here ? 🧐
Then you need to make the private keys available to the monitoring software.
Also monitoring DNS traffic on the mirror doesn’t tell you anything **how** the DNS server sees the queries, so dnstap is going to be better solution for most deployments.
Ondrej
--
Ondřej Surý (He/Him)
ondrej at isc.org
My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220503/d14b857b/attachment.sig>
More information about the bind-users
mailing list