BIND 9.11.4 dnstap not capturing updates
Evan Hunt
each at isc.org
Fri Aug 3 20:33:39 UTC 2018
On Fri, Aug 03, 2018 at 04:18:45PM -0400, Robert Edmonds wrote:
> greg.rabil at bt.com wrote:
> > Thanks Robert. I've added a few lines of code to BIND's client.c
> > source module to call dns_dt_send for updates with a type of
> > AUTH_QUERY, and it works as expected.
>
> > Is there any reason that you can think that it should not be part of
> > the standard BIND dnstap support? If not, I will gladly contribute my
> > change to the ISC.
>
> I can't think of any reason not to have support for dnstap logging of
> UPDATEs on the server side in BIND. It just wasn't a focus for the
> original dnstap design work, which was very STD13 focused.
The terminology's a little misleading since the QUERY and UPDATE opcodes
are two different things. But I guess the implication here is that for
dnstap purposes, we don't care about opcodes, and "query" is the same
as "request".
I can't think of any reason not to tap update requests, but I do
wonder whether an extension to the type enum would reduce confusion.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list