[Bug 1986586] [NEW] [SRU] Enable DNSTAP support
Launchpad Bug Tracker
1986586 at bugs.launchpad.net
Sat Aug 20 07:51:26 UTC 2022
You have been subscribed to a public bug by Luís Cunha dos Reis Infante da Câmara (luis220413):
Upstream BIND supports DNSTAP since version 9.11 and this support is
enabled in Debian, but disabled in Ubuntu because 2 required
dependencies (libprotobuf-c1 and libfstrm0) are in the universe
component. However, libprotobuf-c1 was recently approved for inclusion
into the main component (bug #1956617), and I have filed a main
inclusion report (MIR) for fstrm (bug #1986591).
DNSTAP is a feature of bind9 9.11 and up. It allows for the system to
'tap' into the DNS queries automatically log both DNS Queries and DNS
Responses. This lets us actually see the behavior of DNS and what data
is being returned at the server level. This replaces `dnscap` behavior
by integrating the behavior directly into BIND.
This can be a useful tool for capturing and logging requests. It is not
enabled by default when built with BIND9, but can be activated later by
users if they wish to use it.
To enable this in BIND9, we only need to build the binaries with
`--enable-dnstap` to enable dnstap support.
[Test Plan]
Run the test suites of the original and patched source packages on Ubuntu 20.04, 22.04 and Kinetic and check that there are no regressions and that all test failures are justified.
[Where problems could occur]
This can break deployments that expect that BIND 9 in Ubuntu does not provide DNSTAP support and cause regressions in other packages in the Ubuntu archive.
** Affects: bind9 (Ubuntu)
Importance: Undecided
Status: New
--
[SRU] Enable DNSTAP support
https://bugs.launchpad.net/bugs/1986586
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list