go-dnscollector

command module
v0.23.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 19, 2022 License: MIT Imports: 11 Imported by: 0

README

DNS Collector

NOTE: The code before version 1.x is considered beta quality and is subject to breaking changes.

Overview

This tool acts as a high speed aggregator, analyzer, transporter and logging for your DNS logs, written in Golang. The DNS Traffic can be collected and aggregated simultaneously from many different sources (dnstap, sniffer, logs, etc.) .

overview

This tool can also help you to visualize DNS traffic errors and anomalies with Grafana dashboard.

overview

This tool can be used to transform dns queries or replies in JSON format with EDNS support.

{
 // query/reply ip and port, tcp/udp protocol and family used
 "network": {...},
 // message type, arrival packet time, latency.
 "dnstap": {...},
 // dns fields
 "dns": {...},
 // extended dns options like csubnet
 "edns": {...},
 // country, continent and city informations
 "geo": {...},
 // specific powerdns metadata like tags, original-request-subnet
 "pdns": {...}
}

Features

Installation

Run-it from binary

Download the binary from release page. If you want to integrate this tool with systemd, please to follow this guide.

./go-dnscollector -config config.yml

Run-it from dockerhub

Use the default config (dnstap -> stdout + rest api):

docker run -d --name=dnscollector01 dmachard/go-dnscollector

Override the default configuration (/etc/dnscollector/config.yml) with a config file on the host:

-v $(pwd)/config.yml:/etc/dnscollector/config.yml

Configuration

See the full Configuration guide for more details.

Use-cases

As prerequisites, we assume you have a DNS server which supports DNSTap (unbound, bind, powerdns, etc)

For more informations about dnstap, please to read the following page Dnstap: How to enable it on main dns servers

End to end testing

Tested with success with the following operating system and dns servers

ubuntu 22.04 ubuntu 20.04 macos 11 unbound 1.15.x unbound 1.16.x powerdns dnsdist 1.6.x powerdns dnsdist 1.7.x coredns 1.8.7 coredns 1.9.4

Benchmark

Tested on the following machine: 8 vCPUs, 32 GB memory

packet per sec received DnsCollector
50k OK - 0% lost
100k OK - 0% lost
150k OK (0.07% lost)

For developers

Run from source

go run .

Execute testunits

go test -timeout 10s ./collectors/ -cover -v
go test -timeout 10s ./loggers/ -cover -v
go test -timeout 10s ./transformers/ -cover -v
go test -timeout 10s ./dnsutils/ -cover -v

Execute a test for one specific testcase in a package

go test -timeout 10s -cover -v ./loggers -run TestSyslogRunJsonMode

Building from source. Use the latest golang available on your target system

CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o go-dnscollector *.go

Update package dependencies

go get github.com/dmachard/go-logger@v0.2.0
go get github.com/dmachard/go-powerdns-protobuf@v0.0.3
go get github.com/dmachard/go-dnstap-protobuf@v0.2.0
go mod tidy

Documentation

The Go Gopher

There is no documentation for this package.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL