[nsd-users] Logfile/verbosity and master/slave

Geoffrey Sisson geoff at geoff.co.uk
Fri Dec 12 07:15:21 UTC 2008


"Lew Payne" <lew.payne at gmail.com> wrote:

> I would argue that incorporating "bad" queries into a log, at a
> certain verbosity level, can only enhance the real-time diagnostics

I'm agnostic as to whether or not to include logging in nsd.  However,
if it is included, I hope any added code can be disabled as a compile-time
option.

> The problem with diagnosing this with external tools (tcpdump, et al.)
> is that you must run the process in promiscuous mode, and thus
> generate a security concern.  Also, and more important from a
> performance standpoint, it must analyze and capture each incoming
> packet - good and bad.  That's unnecessary processing, and a task that
> nsd is already performing de facto.  nsd has the capability of
> identifying bad queries already - there is no added burden in tasking
> it with logging them (other than logging overhead, which I have
> claimed to be minimal and helpful in this regard).

If an nsd server is liable to typically experience loads high enough
that a concurrent packet capture would cause significant additional
performance degradation, then it's probably better to do passive
capture on a separate box rather than add additional processing overhead
to the existing one.  (This would also mitigate the promiscuous mode
risk.)

Geoff


