unexpected behaviour of rndc dnstap -roll

Jakob Dhondt jakob.dhondt at switch.ch
Wed Jun 17 15:55:06 UTC 2020

Hi everyone,

I am generating dnstap files using bind and regularly roll them using
'rndc dnstap -roll [number]'. The way I understand the documentation is
that there should be max [number] old dnstap files after executing this
command but what actually happens is that all files are being kept so
that I have to remove the old ones myself.

This is what the documentation says:

dnstap ( -reopen | -roll [number] )
... If number is specified, then the number of backup log files is
limited to that number.

Am I missing something here? Is the behaviour that I'm observing the
expected one? The logs don't tell me much and I couldn't find any hints
about this on the Internet. Thanks for any help!

Kind regards,



Jakob Dhondt, Security Engineer, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 16 23
jakob.dhondt at switch.ch, www.switch.ch
Security-News: securityblog.switch.ch

More information about the bind-users mailing list