FreeBSD dnstop: Monitor and Display DNS Server Traffic On Your Network

Q. How do I monitor my BIND dns server traffic om my network under FreeBSD operating systems?

A. You can displays various tables of DNS traffic on your network using dnstop. dnstop is a small tool to listen on device or to parse the file savefile and collect and print statistics on the local network’s DNS traffic. You must have read access to /dev/bpf*.


Install dnstop under FreeBSD

Type the following commands
# portsnap fetch update
# cd /usr/ports/dns/dnstop/
# make install clean

How do I monitor DNS server stats in real time?

Simply type the dnstop as follows:
# dnstop {interface-name}
# dnstop em0
# dnstop fxp0

(Fig.01: dnstop in action)

(Fig.01: dnstop in action)

To exit the program press ^X (CTRL + X). To reset the counters hit CTRL+R. You can try following keys to view diffrent data while running dnstop:

  • s : display the source address table
  • d : display the destination address table
  • t : display the breakdown of query types seen
  • o : display the breakdown of opcodes seen

For further information read dnstop man page:
$ man dnstop

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.