Re: Best practice for forwarding Dnstap (unix socket) traffic to another address
Fred Morris wrote: > > What I'm looking at is trying to build a BIND kernel, like a nanokernel. Socat > won't work in this case, because because there's no "IPC" layer, because there > is only one process in the kernel. Sounds fun. I think your solution must be to modify BIND's dnstap sender so that it can use a TCP socket as an alternative to a unix domain socket. Tony. -- f.anthony.n.finchhttps://dotat.at/ Mull of Galloway to Mull of Kintyre including the Firth of Clyde and North Channel: Southwesterly 3 to 5. Mainly slight or moderate, but smooth or slight in Firth of Clyde. Fair. Good. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Best practice for forwarding Dnstap (unix socket) traffic to another address
I should have included this in the first message, and I apologize. What I'm looking at is trying to build a BIND kernel, like a nanokernel. Socat won't work in this case, because because there's no "IPC" layer, because there is only one process in the kernel. One process. No users. I need to get data out of it into the network layer. -- Fred ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Best practice for forwarding Dnstap (unix socket) traffic to another address
Hello. For a variety reasons: * Dnstap doesn't comport with the usual MTU restrictions, that is an "event" is not reliably going to fit in a UDP frame. * Dnstap casts your application as the "server" and BIND as the "client". * For whatever reasons the implementer(s) saw fit to include a mandatory handshake (all it does it say "ok, I'm sending X, what do you want?" and you have to respond with whatever the client sent). * The only streaming that Dnstap has offered has been unix sockets. What's the best practice for sending this to another address, presumably via TCP... socat? Too bad about the handshake, any best practices for forwarding there? Thanks in advance... (Pure Python implementation of fstrm: https://github.com/m3047/shodohflo/blob/master/shodohflo/fstrm.py) -- Fred Morris, internet plumber and data sous chef ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users