Re: DNS traffic tracking

2022-05-11 Thread Alex K
On Mon, May 9, 2022 at 7:27 PM Fred Morris wrote: > On Mon, 9 May 2022, Alex K wrote: > > [...] > > The problem now is that I see sometime 700MB of DNS traffic for 2GB of > > Internet browsing within one month. > > That's an eyebrow raiser. Tunneling, antivirus (or some other database > using

Re: DNS traffic tracking

2022-05-09 Thread Fred Morris
On Mon, 9 May 2022, Alex K wrote: [...] The problem now is that I see sometime 700MB of DNS traffic for 2GB of Internet browsing within one month. That's an eyebrow raiser. Tunneling, antivirus (or some other database using DNS as a key+value store), CDN? IoT fleet? Then comes the inevitable

Re: DNS traffic tracking

2022-05-09 Thread Peter Coghlan
Alex K wrote: >On Mon, May 9, 2022 at 2:46 PM Bjørn Mork wrote: >> >> FWIW I agree with the rate-limit recommendation. It solves both this >> and your original problem without any complicated and messy tracking. >> Just make DNS "free" up to some reasonable query rate. If there are >> clients

Re: DNS traffic tracking

2022-05-09 Thread Alex K
On Mon, May 9, 2022 at 2:46 PM Bjørn Mork wrote: > Alex K writes: > > On Mon, May 9, 2022 at 1:51 PM Matus UHLAR - fantomas > > > wrote: > > > >> maybe someone uses VPN over DNS... > >> in such case, rate limiting of client comes to mind... > >> > > That would mean that the clients have access

Re: DNS traffic tracking

2022-05-09 Thread Bjørn Mork
Alex K writes: > On Mon, May 9, 2022 at 1:51 PM Matus UHLAR - fantomas > wrote: > >> maybe someone uses VPN over DNS... >> in such case, rate limiting of client comes to mind... >> > That would mean that the clients have access to their own dns servers, > which the firewall does not allow. No,

Re: DNS traffic tracking

2022-05-09 Thread Alex K
On Mon, May 9, 2022 at 1:51 PM Matus UHLAR - fantomas wrote: > >On 09. 05. 22 10:34, Alex K wrote: > >>The initial and current approach is to provide DNS free of charge, > >>which simplified things for me. Though the traffic in question is > >>satellite traffic with monthly allowances of roughly

Re: DNS traffic tracking

2022-05-09 Thread Matus UHLAR - fantomas
On 09. 05. 22 10:34, Alex K wrote: The initial and current approach is to provide DNS free of charge, which simplified things for me. Though the traffic in question is satellite traffic with monthly allowances of roughly 4 to 8GB, thus every MB counts. The problem now is that I see sometime

Re: DNS traffic tracking

2022-05-09 Thread Petr Špaček
On 09. 05. 22 12:06, Alex K wrote: Hi Greg, On Mon, May 9, 2022 at 11:17 AM Greg Choules > wrote: Hi Alex. Your use case may be very different to the one I faced in my previous job. But there we did not and could not charge for DNS.

Re: DNS traffic tracking

2022-05-09 Thread Alex K
Hi Greg, On Mon, May 9, 2022 at 11:17 AM Greg Choules < gregchoules+bindus...@googlemail.com> wrote: > Hi Alex. > Your use case may be very different to the one I faced in my previous job. > But there we did not and could not charge for DNS. It was seen as a > necessary but free resource. > If

Re: DNS traffic tracking

2022-05-09 Thread Alex K
On Mon, May 9, 2022 at 11:48 AM Petr Špaček wrote: > On 09. 05. 22 10:34, Alex K wrote: > > Hi Petr, > > > > On Mon, May 9, 2022 at 10:26 AM Petr Špaček > > wrote: > > > > On 06. 05. 22 17:02, Alex K wrote: > > > Hi all, > > > > > > I have the

Re: DNS traffic tracking

2022-05-09 Thread Petr Špaček
On 09. 05. 22 10:34, Alex K wrote: Hi Petr, On Mon, May 9, 2022 at 10:26 AM Petr Špaček > wrote: On 06. 05. 22 17:02, Alex K wrote: > Hi all, > > I have the following problem: I run a caching dns server using bind9 > v9.10.3 in a gateway device

Re: DNS traffic tracking

2022-05-09 Thread Alex K
Hi Petr, On Mon, May 9, 2022 at 10:26 AM Petr Špaček wrote: > On 06. 05. 22 17:02, Alex K wrote: > > Hi all, > > > > I have the following problem: I run a caching dns server using bind9 > > v9.10.3 in a gateway device which it serves several internal LAN IP > > addresses (clients). I am doing

Re: DNS traffic tracking

2022-05-09 Thread Greg Choules via bind-users
Hi Alex. Your use case may be very different to the one I faced in my previous job. But there we did not and could not charge for DNS. It was seen as a necessary but free resource. If you *really* want to account for how many queries clients are making, a quick and dirty solution is enabling

Re: DNS traffic tracking

2022-05-09 Thread Petr Špaček
On 06. 05. 22 17:02, Alex K wrote: Hi all, I have the following problem: I run a caching dns server using bind9 v9.10.3 in a gateway device which it serves several internal LAN IP addresses (clients). I am doing some traffic accounting in the gateway device using Linux conntrack so as to

DNS traffic tracking

2022-05-06 Thread Alex K
Hi all, I have the following problem: I run a caching dns server using bind9 v9.10.3 in a gateway device which it serves several internal LAN IP addresses (clients). I am doing some traffic accounting in the gateway device using Linux conntrack so as to calculate the generated client traffic