Hi,

On Mar 18, 2013, at 20:32, Ondřej Surý wrote:

> There's nothing wrong you are doing, there's only limited information we are
> logging in this category. We are having an internal discussion that it might
> be better to just kill this category.
>
> I have one question though, do you feel it's valuable to log all the queries
> as opposed to using a network dump tool? E.g. I see this option merely as a
> useful tool to check if the query was parsed correctly, but not as a general
> debugging tool since it can consume quite a lot of resources.

Here's one vote for NOT doing query logging in an authoritative server. Some of us are
very performance sensitive and even more complexity sensitive. I want a lean and mean
server with as much performance as possible.

There are oodles of alternatives for query logging outside the nameserver itself. Apart
from more specialized tools like dnscap / dscng / packetq / PF_RING, etc., you really get
your query log from basically just a plain

    tcpdump -i eth0 port 53

i.e. there's just no need (other than "convenience"). In our case, we will
not even do the packet capturing on the server host(s), we do that on other hardware in
front.

Regards,

Johan

PS. BTW, this debate has been a regular feature regarding NSD (and Unbound). Unbound caved
in a couple of years ago but NSD still does not provide query logging. Because there's
no need to provide that in the nameserver. Knot is exactly the same.
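
An added example, not part of the original message: one way a capture host outside the nameserver could turn captured UDP port 53 payloads into query-log lines by decoding only the DNS header and question section. The function names, the log format and the sample packet are constructed for illustration.

```python
import struct

# A few common RR type numbers; anything else is logged as TYPEnnn.
QTYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 15: "MX", 16: "TXT", 28: "AAAA", 255: "ANY"}

def parse_query(payload):
    """Return (id, qname, qtype, qclass) for a DNS query payload, else None."""
    if len(payload) < 12:
        return None                       # shorter than the fixed 12-byte header
    qid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount != 1:
        return None                       # QR bit set (a response) or odd question count
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            return None                   # name runs off the end of the packet
        length = payload[pos]
        pos += 1
        if length == 0:
            break                         # root label terminates the name
        if length > 63 or pos + length > len(payload):
            return None                   # compression pointer or truncated label
        labels.append(payload[pos:pos + length].decode("ascii", "backslashreplace"))
        pos += length
    if pos + 4 > len(payload):
        return None                       # QTYPE/QCLASS missing
    qtype, qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return qid, ".".join(labels) + ".", qtype, qclass

def log_line(ts, src, payload):
    """Format one query-log line, or None if the payload is not a well-formed query."""
    q = parse_query(payload)
    if q is None:
        return None
    qid, qname, qtype, qclass = q
    cls = "IN" if qclass == 1 else "CLASS%d" % qclass
    return "%s %s id=%d %s %s %s" % (ts, src, qid, qname, cls, QTYPES.get(qtype, "TYPE%d" % qtype))

# Constructed sample: query id 0x1a2b, RD set, one question "example.com. IN AAAA".
SAMPLE = (bytes.fromhex("1a2b01000001000000000000")
          + b"\x07example\x03com\x00" + b"\x00\x1c\x00\x01")

if __name__ == "__main__":
    print(log_line("2013-03-18T20:32:00Z", "192.0.2.10", SAMPLE))
```

Malformed or truncated payloads return None instead of raising, so a logger built this way keeps running on hostile input.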