• unexpected behaviour of rndc dnstap -roll

    From Jakob Dhondt@jakob.dhondt@switch.ch to bind-users on Wed Jun 17 17:55:06 2020
    From Newsgroup: comp.protocols.dns.bind

    Hi everyone,

    I am generating dnstap files using bind and regularly roll them using
    'rndc dnstap -roll [number]'. The way I understand the documentation is
    that there should be max [number] old dnstap files after executing this
    command but what actually happens is that all files are being kept so
    that I have to remove the old ones myself.

    This is what the documentation says:

    dnstap ( -reopen | -roll [number] )
    ... If number is specified, then the number of backup log files is
    limited to that number.

    Am I missing something here? Is the behaviour that I'm observing the
    expected one? The logs don't tell me much and I couldn't find any hints
    about this on the Internet. Thanks for any help!

    Kind regards,

    Jakob

    --

    SWITCH
    Jakob Dhondt, Security Engineer, SWITCH-CERT
    Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
    phone +41 44 268 15 15, direct +41 44 268 16 23
    jakob.dhondt@switch.ch, www.switch.ch
    Security-News: securityblog.switch.ch

    --- Synchronet 3.18a-Linux NewsLink 1.113
  • From Tony Finch@dot@dotat.at to Jakob Dhondt on Sun Jun 21 21:30:01 2020
    From Newsgroup: comp.protocols.dns.bind

    Jakob Dhondt <jakob.dhondt@switch.ch> wrote:

    I am generating dnstap files using bind and regularly roll them using
    'rndc dnstap -roll [number]'. The way I understand the documentation is
    that there should be max [number] old dnstap files after executing this
    command but what actually happens is that all files are being kept so
    that I have to remove the old ones myself.

    Yes, this is a bug. I could reproduce the problem but I couldn't see it
    by staring at the code, so I added some extra logging until I found
    the mistake. I've submitted a merge request for this patch:

    https://gitlab.isc.org/fanf/bind9/-/commit/29d275965c0cddc862eeccb28188b8fd124fb321

    Tony.
    --
    f.anthony.n.finch <dot@dotat.at> http://dotat.at/
    public services available on equal terms to all
  • From Jakob Dhondt@jakob.dhondt@switch.ch to Tony Finch on Mon Jun 22 08:58:37 2020
    From Newsgroup: comp.protocols.dns.bind

    Thanks for your help!

    On 21.06.20 22:30, Tony Finch wrote:
    Jakob Dhondt <jakob.dhondt@switch.ch> wrote:
    I am generating dnstap files using bind and regularly roll them using
    'rndc dnstap -roll [number]'. The way I understand the documentation is
    that there should be max [number] old dnstap files after executing this
    command but what actually happens is that all files are being kept so
    that I have to remove the old ones myself.

    Yes, this is a bug. I could reproduce the problem but I couldn't see it
    by staring at the code, so I added some extra logging until I found
    the mistake. I've submitted a merge request for this patch:

    https://gitlab.isc.org/fanf/bind9/-/commit/29d275965c0cddc862eeccb28188b8fd124fb321

    Tony.

    --

    SWITCH
    Jakob Dhondt, Security Engineer, SWITCH-CERT
    Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
    phone +41 44 268 15 15, direct +41 44 268 16 23
    jakob.dhondt@switch.ch, www.switch.ch
    Security-News: securityblog.switch.ch
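
A stop-gap for the behaviour reported in this thread, as an added example that is not from either poster and is not BIND code: a shell function that applies the documented limit by hand after each roll, keeping only the newest backups. It assumes rolled backups are named `<live file>.<suffix>` beside the live file; the function name and the path in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example (not BIND code): enforce a cap on rolled dnstap backups.
# Assumption: backups are named "<live file>.<suffix>" beside the live file.

# prune_dnstap_backups LIVE_FILE KEEP
# Deletes all but the KEEP most recently modified backups of LIVE_FILE and
# prints how many were removed. The body runs in a subshell, so its
# variables never leak into the caller.
prune_dnstap_backups() (
    live=$1 keep=$2 seen=0 removed=0
    [ -n "$live" ] || { echo "usage: prune_dnstap_backups FILE KEEP" >&2; exit 2; }
    case $keep in
        ''|*[!0-9]*) echo "KEEP must be a non-negative integer" >&2; exit 2 ;;
    esac
    # Newest first by mtime, so the result does not depend on how the suffix
    # is formed. -d stops ls from descending into a matching directory.
    # File names containing newlines are not supported.
    list=$(ls -1td -- "$live".* 2>/dev/null) || list=
    while IFS= read -r f; do
        # Regular files only: skip directories and never act on symlinks.
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        seen=$((seen + 1))
        if [ "$seen" -gt "$keep" ]; then
            rm -f -- "$f" && removed=$((removed + 1))
        fi
    done <<EOF
$list
EOF
    echo "$removed"
)

# Usage (hypothetical path), run after each roll:
#   rndc dnstap -roll && prune_dnstap_backups /var/named/dnstap.out 5
```

The live file itself never matches the `"$live".*` pattern, so only backups are candidates for removal.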