DNS Collector
Overview
This dns collector
acts as a high speed passive analyser for DNS traffic, written in Golang. Which give you the possibility to control dns servers, get statistics and more. It supports several methods to collect dns traffic (dnstap, sniffer, logs, etc.) and can redirect them to multiple destinations with protocol and format (json, text) transformation. This collector can also be used to logs dns answers.
NOTE: The code before version 1.x is considered beta quality and is subject to breaking changes.
Features
-
Supported collectors:
-
Supported loggers:
-
Other features
Installation
Run-it from binary
Download the binary from release page. If you want to integrate this tool with systemd, please to follow this guide.
./go-dnscollector -config config.yml
Run-it from dockerhub
Use the default config (dnstap -> stdout + rest api):
docker run -d --name=dnscollector01 dmachard/go-dnscollector
Override the default configuration (/etc/dnscollector/config.yml) with a config file on the host:
-v $(pwd)/config.yml:/etc/dnscollector/config.yml
Configuration
See the full Configuration guide for more details.
Use-cases
As prerequisites, we assume you have a DNS server which supports DNSTap (unbound, bind, powerdns, etc)
For more informations about dnstap, please to read the following page Dnstap: How to enable it on main dns servers
Benchmark
Tested on the following machine: 8 vCPUs, 32 GB memory
packet per sec received |
DnsCollector |
50k |
OK - 0% lost |
100k |
OK - 0% lost |
150k |
OK (0.07% lost) |
For developers
Run from source
go run .
Execute testunits
go test -timeout 10s ./collectors/ -cover -v
go test -timeout 10s ./loggers/ -cover -v
go test -timeout 10s ./subprocessors/ -cover -v
Execute a test for one specific testcase in a package
go test -timeout 10s -cover -v ./loggers -run TestSyslogRunJsonMode
Building from source. Use the latest golang available on your target system
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o go-dnscollector *.go