[nsd-users] Logfile/verbosity and master/slave
Geoffrey Sisson
geoff at geoff.co.uk
Fri Dec 12 07:15:21 UTC 2008
"Lew Payne" <lew.payne at gmail.com> wrote:
> I would argue that incorporating "bad" queries into a log, at a
> certain verbosity level, can only enhance the real-time diagnostics
I'm agnostic as to whether or not to include logging in nsd. However,
if it is included, I hope any added code can be disabled as a compile-time
option.
> The problem with diagnosing this with external tools (tcpdump, et-al)
> is that you must run the process in promiscuous mode, and thus
> generate a security concern. Also, and more important from a
> performance standpoint, it must analyze and capture each incoming
> packet - good and bad. That's unnecessary processing, and a task that
> nsd is already performing de-facto. nsd has the capability of
> identifying bad queries already - there is no added burden in tasking
> it with logging them (other than logging overhead, which I have
> claimed to be minimal and helpful in this regard).
If an nsd server is liable to typically experience loads high enough
that a concurrent packet capture would cause significant additional
performance degradation, then it's probably better to do passive
capture on a separate box rather than add additional processing overhead
to the existing one. (This would also mitigate the promiscuous mode
risk.)
Geoff