On 11/09/2019 09:42, seddik alaoui ismaili wrote:
I'd like to track domain requests on both NS, just to see if queries still arrive on both DNS servers. An idea about a tool ? I've seen rec_control can do it, except there's not enough documentation on it, have you already installed it?

rec_control is for the powerdns recursor, but you're talking about powerdns authoritative.

There is the log_all_queries <https://doc.powerdns.com/authoritative/settings.html#log-dns-queries> option, but I would rather not run that on a production server.

Therefore, if your DNS traffic is not too high, I would be inclined to use either packetbeat <https://www.elastic.co/products/beats/packetbeat> or just tcpdump/wireshark to capture and decode the DNS traffic - then grep it for what you're looking for.  It's the least invasive way of doing it.



P.S. If you wanted to build a scalable, permanent way of doing this then you could look at dnsdist with protobuf or dnstap export - but I think that's overkill here.

