mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
54 lines
2.6 KiB
Plaintext
54 lines
2.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// network_observability/observing-network-traffic.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="network-observability-dns-tracking_{context}"]
|
|
= Working with DNS tracking
|
|
|
|
[role="_abstract"]
|
|
Configure the `FlowCollector` custom resource to enable DNS tracking for monitoring network performance, security analysis, and DNS troubleshooting in the web console.
|
|
|
|
You can track DNS by editing the `FlowCollector` to the specifications in the following YAML example.
|
|
|
|
[IMPORTANT]
|
|
====
|
|
CPU and memory usage increases are observed in the eBPF agent when this feature is enabled.
|
|
====
|
|
|
|
.Procedure
|
|
. In the web console, navigate to *Ecosystem* -> *Installed Operators*.
|
|
. Under the *Provided APIs* heading for *Network Observability*, select *Flow Collector*.
|
|
. Select *cluster* then select the *YAML* tab.
|
|
. Configure the `FlowCollector` custom resource. A sample configuration is as follows:
|
|
+
|
|
[id="network-observability-flowcollector-configuring-dns_{context}"]
|
|
.Configure `FlowCollector` for DNS tracking
|
|
[source, yaml]
|
|
----
|
|
apiVersion: flows.netobserv.io/v1beta2
|
|
kind: FlowCollector
|
|
metadata:
|
|
name: cluster
|
|
spec:
|
|
namespace: netobserv
|
|
agent:
|
|
type: eBPF
|
|
ebpf:
|
|
features:
|
|
- DNSTracking <1>
|
|
sampling: 1 <2>
|
|
----
|
|
<1> You can set the `spec.agent.ebpf.features` parameter list to enable DNS tracking of each network flow in the web console.
|
|
<2> You can set `sampling` to a value of `1` for more accurate metrics and to capture *DNS latency*. For a `sampling` value greater than 1, you can observe flows with *DNS Response Code* and *DNS Id*, and it is unlikely that *DNS Latency* can be observed.
|
|
|
|
. When you refresh the *Network Traffic* page, there are new DNS representations you can choose to view in the *Overview* and *Traffic Flow* views and new filters you can apply.
|
|
.. Select new DNS choices in *Manage panels* to display graphical visualizations and DNS metrics in the *Overview*.
|
|
.. Select new choices in *Manage columns* to add DNS columns to the *Traffic Flows* view.
|
|
.. Filter on specific DNS metrics, such as *DNS Id*, *DNS Error* *DNS Latency* and *DNS Response Code*, and see more information from the side panel. The *DNS Latency* and *DNS Response Code* columns are shown by default.
|
|
|
|
[NOTE]
|
|
====
|
|
TCP handshake packets do not have DNS headers. TCP protocol flows without DNS headers are shown in the traffic flow data with *DNS Latency*, *ID*, and *Response code* values of "n/a". You can filter out flow data to view only flows that have DNS headers using the *Common* filter "DNSError" equal to "0".
|
|
====
|