[119752] in North American Network Operators' Group
RE: DNS query analyzer
daemon@ATHENA.MIT.EDU (Stefan Fouant)
Mon Nov 30 21:49:51 2009
From: "Stefan Fouant" <sfouant@shortestpathfirst.net>
To: "'Joseph Jackson'" <jjackson@aninetworks.net>,
<nanog@nanog.org>
In-Reply-To: <695277448C537A469D28FF68D0938C8372F23B5EDB@EXMBX04.exchhosting.com>
Date: Mon, 30 Nov 2009 21:48:53 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> -----Original Message-----
> From: Joseph Jackson [mailto:jjackson@aninetworks.net]
> Sent: Monday, November 30, 2009 7:07 PM
>
> Anyone know of a tool that can take a pcap file from wireshark that was
> used to collect dns queries and then spit out statistics about the
> queries such as RTT and timeouts?
It just so happens there is a tool aptly named DNS Analyzer by NLnet Labs.
I used it a while back but if I recall you could feed it a pcap and it could
spit out all kinds of useful statistical data.
I don't think it's being actively maintained at the moment but you should be
able to find it on the NLnet Labs site -
http://www.nlnetlabs.nl/projects/dns-analyzer/
HTHs.
Stefan Fouant
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
