[dnsdist] dnstap logs CLIENT_RESPONSES only, when the queried RR is not in cache
Tom
lists at verreckte-cheib.ch
Fri Aug 27 06:21:14 UTC 2021
Hi
Using dnsdist-1.6.0, a packet-cache-configuration and a dnstap
(newFrameStreamUnixLogger) configuration, which is configured for
logging responses too:
I have noticed that in the dnstap-logs the CLIENT_RESPONSE only appears,
when dnsdist has NO cache entry for this request. Ever client-query,
which can be answered from the dnsdist-cache will only be logged with
"CLIENT_QUERY" and not additional with CLIENT_RESPONSE.
Look here:
# initial query (dnsdist hast empty cache) for mx google.com will be
logged with dnstap (CLIENT_QUERY and CLIENT_RESPONSE):
2021-08-27T06:09:35.541094903Z server01 CLIENT_QUERY NOERROR 192.168.1.1
55177 INET UDP 51b google.com MX 0.000000
2021-08-27T06:09:35.557156637Z server01 CLIENT_RESPONSE NOERROR
192.168.1.1 55177 INET UDP 185b google.com MX 0.016062
# 2nd, third, fourth etc. query for the same RR will only be logged with
CLIENT_QUERY:
2021-08-27T06:11:11.711001431Z server01 CLIENT_QUERY NOERROR 192.168.1.1
54555 INET UDP 51b google.com MX 0.000000
2021-08-27T06:11:13.238908856Z server01 CLIENT_QUERY NOERROR 192.168.1.1
48615 INET UDP 51b google.com MX 0.000000
2021-08-27T06:11:14.16733849Z server01 CLIENT_QUERY NOERROR 192.168.1.1
57005 INET UDP 51b google.com MX 0.000000
2021-08-27T06:11:14.776923103Z server01 CLIENT_QUERY NOERROR 192.168.1.1
37766 INET UDP 51b google.com MX 0.000000
# the cache-dump looks like this:
; dnsdist's packet cache dump follows
;
google.com. 488 MX ; rcode 0, key 4146178086, length 185, tcp 0, added
1630044575
When I clear the cache (getPool("poolname"):getCache():expunge(0)) or
restart dnsdist, then every first not cached query is logged again with
CLIENT_QUERY and CLIENT_RESPONSE.
Any hints for this?
Many thanks.
Kind regards,
Tom
More information about the dnsdist
mailing list