Date: Wed, 5 Nov 2003 17:59:03 -0800 From: Gregory Sutter <gsutter@zer0.org> To: "Jason C. Wells" <jcw@highperformance.net> Cc: chat@freebsd.org Subject: Re: Too Much DNS Traffic / Analysis Message-ID: <20031106015903.GJ98272@klapaucius.zer0.org> In-Reply-To: <Pine.BSF.4.44.0311031830500.3218-100000@s1.stradamotorsports.com> References: <Pine.BSF.4.44.0311031830500.3218-100000@s1.stradamotorsports.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--KjX7LgAomYr70Ka9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003-11-03 18:54 -0800, "Jason C. Wells" <jcw@highperformance.net> wrote: >=20 > In 'ipfw show' I can see that 528 packets came in on smtp. 20 packets > came in on http. Something like 40,000 packets came in on DNS in one day. > This seems to be way too much DNS traffic for the little bit of use my > network sees. Packets is not that useful a measure of figuring out where DNS traffic originates. Have you enabled query logging to see what is causing all the traffic? I cleaned up a shell script I wrote to make a simple query analysis and put it up on <http://zer0.org/bsd/>. Perhaps this would be of assistance in finding the source of your DNS traffic. Greg --=20 Gregory S. Sutter My reality check just bounced. mailto:gsutter@zer0.org=20 http://zer0.org/~gsutter/=20 --KjX7LgAomYr70Ka9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- iD8DBQE/qarnIBUx1YRd/t0RAvYaAJ9wKZpN1qc/hLfr+gS3lGGJSRdDngCcCYjJ TnR0Ig8L/m6fkrAST4ocZAw= =KBL7 -----END PGP SIGNATURE----- --KjX7LgAomYr70Ka9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031106015903.GJ98272>