Re: RPZ and DNS traffic on the server

2019-02-12 Thread Alex K
Hi Daniel, Thank you very much! It was exactly what I was looking for. On Tue, Feb 12, 2019 at 4:03 PM Daniel Stirnimann < daniel.stirnim...@switch.ch> wrote: > > Hello Alex, > > > Is this expected behaviour? Is there any way to make the server avoid > > proceeding with the resolution, when the

RPZ and DNS traffic on the server

2019-02-12 Thread Alex K
Hi all, I have a RPZ setup to whitelist several domains. The issue I am facing is that, even though domains are blocked, the cashing DNS server still proceeds to resolve the domain. The bahavior that I was hoping to see is the server to not bother resolving the domain if the RPZ policy replies

DNS traffic tracking

2022-05-06 Thread Alex K
Hi all, I have the following problem: I run a caching dns server using bind9 v9.10.3 in a gateway device which it serves several internal LAN IP addresses (clients). I am doing some traffic accounting in the gateway device using Linux conntrack so as to calculate the generated client traffic

Re: DNS traffic tracking

2022-05-11 Thread Alex K
On Mon, May 9, 2022 at 7:27 PM Fred Morris wrote: > On Mon, 9 May 2022, Alex K wrote: > > [...] > > The problem now is that I see sometime 700MB of DNS traffic for 2GB of > > Internet browsing within one month. > > That's an eyebrow raiser. Tunneling, antivirus (or

Re: DNS traffic tracking

2022-05-09 Thread Alex K
Hi Petr, On Mon, May 9, 2022 at 10:26 AM Petr Špaček wrote: > On 06. 05. 22 17:02, Alex K wrote: > > Hi all, > > > > I have the following problem: I run a caching dns server using bind9 > > v9.10.3 in a gateway device which it serves several internal LAN IP > >

Re: DNS traffic tracking

2022-05-09 Thread Alex K
On Mon, May 9, 2022 at 11:48 AM Petr Špaček wrote: > On 09. 05. 22 10:34, Alex K wrote: > > Hi Petr, > > > > On Mon, May 9, 2022 at 10:26 AM Petr Špaček > <mailto:pspa...@isc.org>> wrote: > > > > On 06. 05. 22 17:02, Alex K wrote: &g

Re: DNS traffic tracking

2022-05-09 Thread Alex K
king random queries (PRSD), which your > server cannot cache, so this causes it to generate much more Internet > traffic; at least as much as the clients are generating. (0% cache hit > ratio) > > Cheers, Greg > > > > On Fri, 6 May 2022 at 16:02, Alex K wrote: > &

Re: DNS traffic tracking

2022-05-09 Thread Alex K
On Mon, May 9, 2022 at 2:46 PM Bjørn Mork wrote: > Alex K writes: > > On Mon, May 9, 2022 at 1:51 PM Matus UHLAR - fantomas > > > wrote: > > > >> maybe someone uses VPN over DNS... > >> in such case, rate limiting of client comes to mind... > >&g

Re: DNS traffic tracking

2022-05-09 Thread Alex K
On Mon, May 9, 2022 at 1:51 PM Matus UHLAR - fantomas wrote: > >On 09. 05. 22 10:34, Alex K wrote: > >>The initial and current approach is to provide DNS free of charge, > >>which simplified things for me. Though the traffic in question is > >>satellite traffic w