It will be a couple of months before I do this. This will be a breaking change if you presently consume Dnstap telemetry directly.
It's worth noting at the outset that consuming Dnstap telemetry depends on the ShoDoH framestreams consumer already. This is tightly coupled, whereas the dnstap_agent consumes Dnstap telemetry and emits JSON as UDP datagrams. At the present time Rear View RPZ supports both methods.
Rear View RPZ UDP telemetry consumption is (already) compatible with the output of ShoDoHFlo dnstap_agent.py.
This decouples the need for Rear View RPZ to be on the same host as BIND and dnstap_agent.py. (If you have more than one dns server then Rear View RPZ necessarily will be on a different host than at least one of them.)
Provides the mechanism for Rear View RPZ to consume the telemetry from all of your caching / recursive servers.
Removes the need for cloning ShoDoHFlo in order to run Rear View RPZ when BIND is running on a different host. (Presently required even if unused.)
Removes the need for a symlink to ShoDoHFlo or another method to find the shodohflo library module (obviating any related motivation for writing an installer).
Will simplify support and package management going forward.
I will write a Telemetry Quickstart prior to removing direct support for Dnstap.
You can run the ShoDoHFlo dnstap_agent today and consume its telemetry; this is the recommended configuration for new deployments. If somebody feels like writing the quickstart for me I will graciously accept the contribution!
It will be a couple of months before I do this. This will be a breaking change if you presently consume Dnstap telemetry directly.
It's worth noting at the outset that consuming Dnstap telemetry depends on the ShoDoH framestreams consumer already. This is tightly coupled, whereas the dnstap_agent consumes Dnstap telemetry and emits JSON as UDP datagrams. At the present time Rear View RPZ supports both methods.
This will remove the tight coupling to ShoDoHFlo.
dnstap_agent.py.dnstap_agent.py. (If you have more than one dns server then Rear View RPZ necessarily will be on a different host than at least one of them.)shodohflolibrary module (obviating any related motivation for writing an installer).I will write a Telemetry Quickstart prior to removing direct support for Dnstap.
You can run the ShoDoHFlo
dnstap_agenttoday and consume its telemetry; this is the recommended configuration for new deployments. If somebody feels like writing the quickstart for me I will graciously accept the contribution!