| title | weight | description |
|---|---|---|
Using trace dns |
20 |
Trace DNS queries and responses.
|
The trace dns gadget prints information about DNS queries and responses sent and received by the different pods.
Create a demo namespace:
$ kubectl create ns demo
namespace/demo createdStart the dns gadget:
$ kubectl gadget trace dns -n demo
NODE NAMESPACE POD QR NAMESERVER TYPE QTYPE NAMERun a pod on a different terminal and perform some DNS requests:
$ kubectl -n demo run mypod -it --image=wbitt/network-multitool -- /bin/sh
# nslookup -querytype=a inspektor-gadget.io. 8.8.4.4
# nslookup -querytype=aaaa inspektor-gadget.io. 8.8.4.4
# nslookup -querytype=mx inspektor-gadget.io. 8.8.4.4The requests will be logged by the DNS gadget:
NODE NAMESPACE POD PID TID COMM QR NAMESERVER TYPE QTYPE NAME RCODE
minikube demo mypod 1285309 1285310 isc-net-00… Q 8.8.4.4 OUTGOING A inspektor-gadget.i…
minikube demo mypod 1285309 1285310 isc-net-00… R 8.8.4.4 HOST A inspektor-gadget.i… NoError
minikube demo mypod 1285594 1285595 isc-net-00… Q 8.8.4.4 OUTGOING AAAA inspektor-gadget.i…
minikube demo mypod 1285594 1285595 isc-net-00… R 8.8.4.4 HOST AAAA inspektor-gadget.i… NoError
minikube demo mypod 1285655 1285656 isc-net-00… Q 8.8.4.4 OUTGOING MX inspektor-gadget.i…
minikube demo mypod 1285655 1285656 isc-net-00… R 8.8.4.4 HOST MX inspektor-gadget.i… NoErrorisc-net-0000 is the name of one of the nslookup threads.
Delete the demo test namespace:
$ kubectl delete ns demo
namespace "demo" deletedTODO
- The gadget is only able to capture up to 8 addresses on a DNS response. The event contains a
NumAnswersfield that can be used to check if the addresses reported were truncated. - Addresses on a response are only captured if it is compressed.