github.com/inspektor-gadget/inspektor-gadget@v0.28.1/docs/builtin-gadgets/trace/dns.md (about) 1 --- 2 title: 'Using trace dns' 3 weight: 20 4 description: > 5 Trace DNS queries and responses. 6 --- 7 8  9 10 The trace dns gadget prints information about DNS queries and responses sent 11 and received by the different pods. 12 13 ### On Kubernetes 14 15 Create a `demo` namespace: 16 17 ```bash 18 $ kubectl create ns demo 19 namespace/demo created 20 ``` 21 22 Start the dns gadget: 23 24 ```bash 25 $ kubectl gadget trace dns -n demo 26 K8S.NODE K8S.NAMESPACE K8S.POD QR NAMESERVER TYPE QTYPE NAME 27 ``` 28 29 Run a pod on a different terminal and perform some DNS requests: 30 31 ```bash 32 $ kubectl -n demo run mypod -it --image=wbitt/network-multitool -- /bin/sh 33 # nslookup -querytype=a inspektor-gadget.io. 8.8.4.4 34 # nslookup -querytype=aaaa inspektor-gadget.io. 8.8.4.4 35 # nslookup -querytype=mx inspektor-gadget.io. 8.8.4.4 36 ``` 37 38 The requests will be logged by the DNS gadget: 39 40 ```bash 41 K8S.NODE K8S.NAMESPACE K8S.POD PID TID COMM QR NAMESERVER TYPE QTYPE NAME RCODE 42 minikube demo mypod 1285309 1285310 isc-net-00… Q 8.8.4.4 OUTGOING A inspektor-gadget.i… 43 minikube demo mypod 1285309 1285310 isc-net-00… R 8.8.4.4 HOST A inspektor-gadget.i… No Error 44 minikube demo mypod 1285594 1285595 isc-net-00… Q 8.8.4.4 OUTGOING AAAA inspektor-gadget.i… 45 minikube demo mypod 1285594 1285595 isc-net-00… R 8.8.4.4 HOST AAAA inspektor-gadget.i… No Error 46 minikube demo mypod 1285655 1285656 isc-net-00… Q 8.8.4.4 OUTGOING MX inspektor-gadget.i… 47 minikube demo mypod 1285655 1285656 isc-net-00… R 8.8.4.4 HOST MX inspektor-gadget.i… No Error 48 ``` 49 50 `isc-net-0000` is the name of one of the nslookup threads. 51 52 Delete the demo test namespace: 53 54 ```bash 55 $ kubectl delete ns demo 56 namespace "demo" deleted 57 ``` 58 59 ### With `ig` 60 61 Let's start the gadget in a terminal: 62 63 ```bash 64 $ sudo ig trace dns -c test-trace-dns 65 RUNTIME.CONTAINERNAME PID TID COMM QR TYPE QTYPE NAME RCODE NUMANSW… 66 ``` 67 68 Launch a container that makes DNS requests: 69 70 ```bash 71 $ docker run --name test-trace-dns -it --rm wbitt/network-multitool /bin/sh 72 / # nslookup -querytype=a inspektor-gadget.io. 8.8.4.4 73 ... 74 / # nslookup -querytype=aaaa inspektor-gadget.io. 8.8.4.4 75 ... 76 / # nslookup -querytype=mx inspektor-gadget.io. 8.8.4.4 77 ... 78 ``` 79 80 The tool will list the different DNS queries that were made: 81 82 ```bash 83 $ sudo ig trace dns -c test-trace-dns 84 RUNTIME.CONTAINERNAME PID TID COMM QR TYPE QTYPE NAME RCODE NUMANSW… 85 test-trace-dns 38797 38798 isc-net-0000 Q OUTGOING A inspektor-gadget.io. 0 86 test-trace-dns 38797 38798 isc-net-0000 R HOST A inspektor-gadget.io. No Error 2 87 test-trace-dns 38801 38802 isc-net-0000 Q OUTGOING AAAA inspektor-gadget.io. 0 88 test-trace-dns 38801 38802 isc-net-0000 R HOST AAAA inspektor-gadget.io. No Error 2 89 test-trace-dns 38807 38808 isc-net-0000 Q OUTGOING MX inspektor-gadget.io. 0 90 test-trace-dns 38807 38808 isc-net-0000 R HOST MX inspektor-gadget.io. No Error 3 91 ``` 92 93 ### Limitations 94 95 - Only DNS over UDP is supposed. See https://github.com/inspektor-gadget/inspektor-gadget/issues/1416.