On Fri, Jul 04, 2014 at 06:00:48PM +0700, Roland Dobbins wrote:
>
> I know that some DNS operators disable logging of queries/responses due to
"almost all", I would suggest.
> the overhead of doing so - are most folks on this list with large-scale
> DNS recursive and/or authoritative DNS infrastructure disabling logging,
> enabling it, and/or logging queries/responses out-of-band via
> packet-capture taps, databases, etc.?
We've had great results with a format that stores all relevant details. It
is called PCAP. Much recommended for serious setups, especially if you can
do it out of band so it doesn't impact the servers itself.
I know Nominet has a very powerful packet logging setup that they plan to
offer commercially.
Bert
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
