Skip to content

Commit

Permalink
chore: dns docs amendment
Browse files Browse the repository at this point in the history
  • Loading branch information
nddq committed Mar 19, 2024
1 parent 7eedecf commit 6304946
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions docs/metrics/plugins/dns.md
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
# `dns` (Linux)

Counts number of packets/bytes dropped on a Node, along with the direction and reason for drop.
Captures both incoming and outgoing DNS traffic, providing various metrics and details about the DNS queries and responses.

## Metrics

See metrics for [Basic Mode](../basic.md#plugin-dns-linux) or [Advanced Mode](../advanced.md#plugin-dns-linux).

## Architecture

The plugin utilizes eBPF to gather data.
The plugin generates Basic metrics from an eBPF result.
In Advanced mode (see [Metric Modes](../modes.md)), the plugin turns this eBPF result into an enriched `Flow` (adding Pod information based on IP), then sends the `Flow` to an external channel so that a dns module can create extra Pod-Level metrics.
This plugin fundamentally relies on [Inspektor Gadget](https://github.com/inspektor-gadget/inspektor-gadget)'s DNS Tracer for monitoring DNS traffic. It uses eBPF (Extended Berkeley Packet Filter) to efficiently track DNS events. Following the capture of these events, the plugin generates basic metrics derived from the eBPF results.

In its Advanced mode (refer to [Metric Modes](https://retina.sh/docs/metrics/modes) for more details), the plugin further processes the eBPF results into an enriched Flow. This Flow includes additional Pod information, determined by IP. Subsequently, the Flow is transmitted to an external channel. This allows a DNS module to generate additional Pod-Level metrics.

### Code locations

Expand Down

0 comments on commit 6304946

Please sign in to comment.