summaryrefslogtreecommitdiffstats
path: root/src/knot/modules/probe/probe.rst
diff options
context:
space:
mode:
Diffstat (limited to 'src/knot/modules/probe/probe.rst')
-rw-r--r--src/knot/modules/probe/probe.rst89
1 files changed, 89 insertions, 0 deletions
diff --git a/src/knot/modules/probe/probe.rst b/src/knot/modules/probe/probe.rst
new file mode 100644
index 0000000..e3657b9
--- /dev/null
+++ b/src/knot/modules/probe/probe.rst
@@ -0,0 +1,89 @@
+.. _mod-probe:
+
+``probe`` — DNS traffic probe
+=============================
+
+The module allows the server to send simplified information about regular DNS
+traffic through *UNIX* sockets. The exported information consists of data blocks
+where each data block (datagram) describes one query/response pair. The response
+part can be empty. The receiver can be an arbitrary program using *libknot* interface
+(C or Python). In case of high traffic, more channels (sockets) can be configured
+to allow parallel processing.
+
+.. NOTE::
+ A simple `probe client <https://gitlab.nic.cz/knot/knot-dns/-/blob/master/scripts/probe_dump.py>`_ in Python.
+
+Example
+-------
+
+Default module configuration::
+
+ template:
+ - id: default
+ global-module: mod-probe
+
+Per zone probe with 8 channels and maximum 1M logs per second limit::
+
+ mod-probe:
+ - id: custom
+ path: /tmp/knot-probe
+ channels: 8
+ max-rate: 1000000
+
+ zone:
+ - domain: example.com.
+ module: mod-probe/custom
+
+
+Module reference
+----------------
+
+::
+
+ mod-probe:
+ - id: STR
+ path: STR
+ channels: INT
+ max-rate: INT
+
+.. _mod-probe_id:
+
+id
+..
+
+A module identifier.
+
+.. _mod-probe_path:
+
+path
+....
+
+A directory path the UNIX sockets are located.
+
+.. NOTE::
+ It's recommended to use a directory with the execute permission restricted
+ to the intended probe consumer process owner only.
+
+*Default:* :ref:`rundir<server_rundir>`
+
+.. _mod-probe_channels:
+
+channels
+........
+
+Number of channels (UNIX sockets) the traffic is distributed to. In case of
+high DNS traffic which is beeing processed by many UDP/XDP/TCP workers,
+using more channels reduces the module overhead.
+
+*Default:* ``1``
+
+.. _mod-probe_max-rate:
+
+max-rate
+........
+
+Maximum number of queries/replies per second the probe is allowed to transfer.
+If the limit is exceeded, the over-limit traffic is ignored. Zero value means
+no limit.
+
+*Default:* ``100000`` (one hundred thousand)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-02 15:39:19 +0000