Skip to content

Release 2.13.0
Compare
Choose a tag to compare
@jelu jelu released this 28 Jan 09:49
· 78 commits to develop since this release
v2.13.0
849d7fe

This release fixes a huge performance issue with hashing IPv6 addresses, adds support for new DNSTAP messages types and protocols, and adds two new indexers.

Due to submodules in the repository please download this tarball:
https://www.dns-oarc.net/files/dsc/dsc-2.13.0.tar.gz
sha256: 8f37b002b0093a34f19477b476ab1b76c462d12e792bd6e3b637947a4e3ee1ab

Packages are available at: https://dev.dns-oarc.net/packages/

Thanks to a patch sent in by Ken Renard (@kdrenard) a rather huge performance issue related to hashing IPv6 addresses has been solved.
Old code used a very incorrect assumption about addresses in general and while same way was used for IPv4, it didn't hit as hard as it did
for IPv6.
New code uses hashing functions on both address types and to quote the GitHub issue (by Ken):

This performs about 5% better than what I did (51 sec versus 54 sec) for 5GB pcap file with nearly 50/50 split of IPv4 and IPv6 (3.7M/3.5M v4/v6 queries). Old inXaddr_hash() has been running for 75 minutes and is about 20% done. I say this is a winner!"

Many thanks to Ken for pointing this out and supplying a patch!

DSC now depends on dnswire v0.3.0 which includes new DNSTAP messages types and protocols that was recently added to DNSTAP's Protobuf definition.
The new UPDATE_QUERY and UPDATE_RESPONSE messages types are now supported and are interpret as AUTH_QUERY and AUTH_RESPONSE.
The new socket protocols for DOT, DOH and DNSCrypt are also supported and are interpret as TCP for indexers such as ip_proto and transport. To get stats on the encryption itself you can use the new indexer encryption.

Two new indexers have been added:

  • label_count: Number of labels in the QNAME
  • encryption: Indicates whether the DNS message was carried over an encrypted connection or not, and if so over which. For example "unencrypted", "dot" (DNS-over-TLS), "doh" (DNS-over-HTTPS).

Other changes:

  • inX_addr: Rework structure, separate IPv4 and IPv6 addresses
  • Fix some DNSTAP tests
  • transport_index: Fix typo in code documentation

37df703 DNSTAP update, encryption indexer
d27171f Label count indexer
6932247 Adding labellen indexer which counts the number of labels in a DNS message
68cc9c7 New IP hashing

Contributors

kdrenard
Assets 2
Loading