[Unbound-users] [wishlist] unbound vs djbdns

Alexander Clouter alex at digriz.org.uk
Wed Jun 15 14:31:34 UTC 2011 

Andreas Schulze <andreas.schulze at datev.de> wrote:
> 
> I also miss the logging feature.
> 
> I also know, I could "tcpdump --foo --voodoo".
> But I do not want read tcpdump's interpretation of a dns packet.
> I like to see what unbound thinks about it.
>
I'm keener to know about the packets unbound cannot parse too, although 
hopefully rare :)

For stats collecting, rather than diagnosis though, this I can see is 
not so important.

> I also dislike running tcpdump as a parser with root privileges. Yes, 
> I could capture as root and parse as nobody, but that's not 
> comfortable!
>
You don't *capture* as root, you bind to a packet socket as root and 
then immediately drop your privileges permanently...it's identical to a 
webserver (such as Apache) binding to port 80/tcp as root and then 
dropping back to www-data from then onwards.  You don't say your CGI 
scripts are running as root? ;)

I wrote a packet sniffer, tcpdump/libpcap was too large for my needs, 
that does just this:

http://www.digriz.org.uk/catnip
 
> The suggested logging may be switched on/off via unbound-control.
> So the "fast path" is less involved.
> 
> I simply want sometimes know, what questions a specific system
> asks. Without voodoo ...
> 
> Anyway, as a postmaster, I would throw away any mailer which could not tell me
> who is sending/receiving mail. And I would not using tcpdump.
> 
Some mail servers have poor logging.

> As a webmaster, I would not use a webserver unable to to usual logging.
> And also nobody uses tcpdump.
> 
As a sysadmin I go straight for tcpdump as typically the web developers 
write code that is impossible to debug/diagnose.  I know how something 
is meant to work, if things go strangely over the wire

> Why I am advised to do so as dnsmaster ?
> 
As it's an option.  You can delete files in a directory with:
 * find . -maxdepth 1 -type f | xargs -I{} rm '{}'
 * find . -maxdepth 1 -type f -delete
 * rm *

Which one you pick is up to *you* and suits your needs the best.

Cheers

-- 
Alexander Clouter
.sigmonster says: Money doesn't talk, it swears.
                  		-- Bob Dylan

More information about the Unbound-users mailing list