Search documentation
Fault Injection

DNS Attack

The DNS Gremlin blocks all outgoing traffic over the standard DNS port (53), optionally constrained by supplied IP addresses. This Gremlin is equivalent to running a Blackhole attack against port 53.


This Gremlin does not interact with iptables, and so it does not interfere with any existing iptables rulesets.

This Gremlin requires the NET_ADMIN capability, which is enabled for Gremlin by default at installation time. See capabilities(7)


IP Addresses-i IP addressFalse1.4.7Only impact traffic to these IP addresses. Also accepts CIDR values (i.e.
Device-d interfacesFalseDevice discovery0.0.1Impact traffic over these network interfaces. Comma separated lists and multiple arguments supported. You can define multiple interfaces starting with agent version 2.30.0.
Protocol-P {TCP, UDP, ICMP}Falseall1.4.7Only impact a specific protocol.
ProvidersWebUI and API OnlyFalse0.0.1External service providers to affect.
TagsWebUI and API OnlyFalse0.0.1Only impact traffic to hosts running Gremlin clients associated with these tags.
Length-l intFalse601.4.7The length of the attack (seconds).