Question about dnstap
Petr Špaček
pspacek at isc.org
Mon Sep 12 13:01:38 UTC 2022
On 12. 09. 22 12:27, Borja Marcos wrote:
> Hi,
>
>
> I am not sure this is intended behavior, or maybe I should file a bug.
>
> I am doing some tests with dnstap and bind (9.18.6 now but I see the same behavior with older 9.18 versions). I am using
> dnstap-go.
>
> I have configured bind to use dnstap with no other options and using a Unix domain socket. (On named.conf, dnstap {all;};).
>
> If I start named but the dnstap collector is not running it will never try to connect. I need to start the dnstap program
> _before_ starting named.
>
> From the named.conf documentation I assumed that bind would retry the dnstap connection periodically. (fstrm-reopen-interval).
>
> Is that correct or I am making a wrong assumption? I think at least it would be desirable to have bind reconnect in case the dnstap
> collector was restarted for whatever reason.
>
> Versions:
>
> bind 9.18.6
> fstrm-0.6.1
> protobuf-3.20.1,1
> protobuf-c-1.4.0_3
My testing did not uncover anything problematic.
Versions:
fstrm 0.6.1-1
protobuf 21.5-1
protobuf-c 1.4.1-1
A procedure which works:
- start BIND configured with
options {
dnstap { all; };
dnstap-output unix "/tmp/unix";
};
- after BIND starts run fstrm_capture -t protobuf:dnstap.Dnstap -u
/tmp/unix -w /tmp/capture
- fire couple queries: sleep 6 && dig bla example
- check content of /tmp/capture with dnstap-read: dnstap-read -y /tmp/cature
Seems all good to me. I suggest checking it using the fstrm tools to the
dnstap-go can be eliminated from the equation.
--
Petr Špaček
More information about the bind-users
mailing list