[Yeti DNS Discuss] dnscap losing packets?
Stephane Bortzmeyer
bortzmeyer at nic.fr
Mon Jun 15 19:53:30 UTC 2015
On Fri, Jun 12, 2015 at 07:23:14AM -0700,
Paul Vixie <paul at redbarn.org> wrote
a message of 4 lines which said:
> the latest dnscap is duane's fork
> (https://github.com/verisign/dnscap)
I tried this one, which is now running on dahu1.yeti.eu.org. At first
glance, no change (I leave it running to see if it gets better).
Seen by 'tcpdump -i eth1 -n port 53':
19:41:08.652076 IP6 2a01:e35:8bd9:8bb0:666:6c7c:9bed:b390.44677 > 2001:4b98:dc2:45:216:3eff:fe4b:8c5b.53: 25748+ [1au] SOA? . (28)
19:41:08.652292 IP6 2001:4b98:dc2:45:216:3eff:fe4b:8c5b.53 > 2a01:e35:8bd9:8bb0:666:6c7c:9bed:b390.44677: 25748*- 2/8/8 SOA, RRSIG (789)
Seen by 'dnscap -1 -g -m qun -i eth1 -6 -T -f' at the same moment
(the query is lost):
[837] 2015-06-15 19:41:08.652292 [#0 eth1 0] \
[2001:4b98:dc2:45:216:3eff:fe4b:8c5b].53 [2a01:e35:8bd9:8bb0:666:6c7c:9bed:b390].44677 \
dns QUERY,NOERROR,25748,qr|aa|rd \
1 .,IN,SOA \
2 .,IN,SOA,86400,bii.dns-lab.net,yeti.biigroup.cn,2015061501,1800,900,604800,86400 \
.,IN,46,86400,[147] \
8 .,IN,NS,518400,bii.dns-lab.net \
.,IN,NS,518400,dahu1.yeti.eu.org \
.,IN,NS,518400,yeti-ns.tisf.net \
.,IN,NS,518400,yeti-ns.wide.ad.jp \
.,IN,NS,518400,yeti-ns.as59715.net \
.,IN,NS,518400,ns-yeti.bondis.org \
.,IN,NS,518400,yeti-ns.ix.ru \
.,IN,46,518400,[147] \
8 bii.dns-lab.net,IN,AAAA,518400,240c:f:1:22::6 \
dahu1.yeti.eu.org,IN,AAAA,518400,2001:4b98:dc2:45:216:3eff:fe4b:8c5b \
yeti-ns.tisf.net,IN,AAAA,518400,2001:559:8000::6 \
yeti-ns.wide.ad.jp,IN,AAAA,518400,2001:200:1d9::35 \
yeti-ns.as59715.net,IN,AAAA,518400,2a02:cdc5:9715:0:185:5:203:53 \
ns-yeti.bondis.org,IN,AAAA,518400,2a02:2810:0:405::250 \
yeti-ns.ix.ru,IN,AAAA,518400,2001:6d0:6d06::53 \
.,4096,4096,32768,edns0[len=0,UDP=4096,ver=0,rcode=0,DO=1,z=0] \
,[0]
More information about the discuss
mailing list