Re: BIND 9.11.4 dnstap not capturing updates

> I could see it being useful to extend the enum to > AUTH_QUERY_UPDATE/AUTH_QUERY_RESPONSE That should read: I could see it being useful to extend the enum to AUTH_QUERY_UPDATE/AUTH_RESPONSE_UPDATE ___ Please visit https://lists.isc.org/mailman/lis

RE: BIND 9.11.4 dnstap not capturing updates

,AG,A Gregory,JTK2 R ; d...@dotat.at; bind-us...@isc.org Subject: Re: BIND 9.11.4 dnstap not capturing updates On Fri, Aug 03, 2018 at 04:18:45PM -0400, Robert Edmonds wrote: > greg.ra...@bt.com wrote: > > Thanks Robert. I've added a few lines of code to BIND's client.c &

Re: BIND 9.11.4 dnstap not capturing updates

> On 3 Aug 2018, at 20:08, Robert Edmonds wrote: > > dnstap doesn't have any `Type` values for an authoritative nameserver > that is an initiator. For NOTIFY, we might need to add AUTH_CLIENT_QUERY > and AUTH_CLIENT_RESPONSE in order to distinguish the initiator and > responder in a NOTIFY trans

Re: BIND 9.11.4 dnstap not capturing updates

On Fri, Aug 03, 2018 at 04:18:45PM -0400, Robert Edmonds wrote: > greg.ra...@bt.com wrote: > > Thanks Robert. I've added a few lines of code to BIND's client.c > > source module to call dns_dt_send for updates with a type of > > AUTH_QUERY, and it works as expected. > > > Is there any reason that

Re: BIND 9.11.4 dnstap not capturing updates

greg.ra...@bt.com wrote: > Thanks Robert. I've added a few lines of code to BIND's client.c source > module to call dns_dt_send for updates with a type of AUTH_QUERY, and it > works as expected. > > Is there any reason that you can think that it should not be part of the > standard BIND dnstap

RE: BIND 9.11.4 dnstap not capturing updates

ill gladly contribute my change to the ISC. Regards, Greg -Original Message- From: Robert Edmonds [mailto:edmo...@mycre.ws] Sent: Friday, August 3, 2018 3:08 PM To: Tony Finch Cc: Rabil,AG,A Gregory,JTK2 R ; bind-us...@isc.org Subject: Re: BIND 9.11.4 dnstap not capturing updates Tony F

Re: BIND 9.11.4 dnstap not capturing updates

Tony Finch wrote: > greg.ra...@bt.com wrote: > > > I use nsupdate to send a DDNS update to my zone, which is added > > successfully. However, the dnstap.output does not record the DNS > > update. > > I think (arguably) this is a limitation of the dnstap specification. It's > defined in a Protoc

RE: BIND 9.11.4 dnstap not capturing updates

That would be the update response, but not the update request. Regards, Greg From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Darcy, Kevin Sent: Friday, August 3, 2018 12:56 PM To: bind-us...@isc.org Subject: Re: BIND 9.11.4 dnstap not capturing updates I'm no expe

RE: BIND 9.11.4 dnstap not capturing updates

Thanks Tony, I see in the code now where it is not calling dns_dt_send() for the update request. Regards, Greg > I use nsupdate to send a DDNS update to my zone, which is added > successfully. However, the dnstap.output does not record the DNS > update. I think (arguably) this is a limitatio

Re: BIND 9.11.4 dnstap not capturing updates

I'm no expert in DNSTAP, but I see this in the output: opcode: UPDATE along with proper reinterpretations of the sections: ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 How is that "not record[ing} the DNS update"? Are you looking for something prettier? More detailed? - Kevin On Fri,

Re: BIND 9.11.4 dnstap not capturing updates

greg.ra...@bt.com wrote: > I use nsupdate to send a DDNS update to my zone, which is added > successfully. However, the dnstap.output does not record the DNS > update. I think (arguably) this is a limitation of the dnstap specification. It's defined in a Protocol Buffers declaration file (see t

BIND 9.11.4 dnstap not capturing updates

Hello BIND users, (my apologies if this gets posted twice, I first sent to bind-us...@isc.org instead of bind-users@lists.isc.org) I am running BIND 9.11.4 on CentOS 7, built with support for dnstap. I am testing capturing of all DNS

BIND 9.11.4 dnstap not capturing updates

Hello BIND users, I am running BIND 9.11.4 on CentOS 7, built with support for dnstap. I am testing capturing of all DNS packets, including DNS update packets, but they don't seem to be captured. Here are my named.conf options: dnstap-output file "/tmp/dnstap.output" ; dnstap { all