Date: Wed, 5 Nov 2003 17:59:03 -0800 From: Gregory Sutter <gsutter@zer0.org> To: "Jason C. Wells" <jcw@highperformance.net> Cc: chat@freebsd.org Subject: Re: Too Much DNS Traffic / Analysis Message-ID: <20031106015903.GJ98272@klapaucius.zer0.org> In-Reply-To: <Pine.BSF.4.44.0311031830500.3218-100000@s1.stradamotorsports.com> References: <Pine.BSF.4.44.0311031830500.3218-100000@s1.stradamotorsports.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 2003-11-03 18:54 -0800, "Jason C. Wells" <jcw@highperformance.net> wrote: > > In 'ipfw show' I can see that 528 packets came in on smtp. 20 packets > came in on http. Something like 40,000 packets came in on DNS in one day. > This seems to be way too much DNS traffic for the little bit of use my > network sees. Packets is not that useful a measure of figuring out where DNS traffic originates. Have you enabled query logging to see what is causing all the traffic? I cleaned up a shell script I wrote to make a simple query analysis and put it up on <http://zer0.org/bsd/>. Perhaps this would be of assistance in finding the source of your DNS traffic. Greg -- Gregory S. Sutter My reality check just bounced. mailto:gsutter@zer0.org http://zer0.org/~gsutter/ [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iD8DBQE/qarnIBUx1YRd/t0RAvYaAJ9wKZpN1qc/hLfr+gS3lGGJSRdDngCcCYjJ TnR0Ig8L/m6fkrAST4ocZAw= =KBL7 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031106015903.GJ98272>