Could more detail be added to the query log to show the query protocol used (eg Do53, DoT, DoH)?
It would be useful if BIND could log the query protocol used by the client - e.g. Do53, DoT, DoH. This would allow system administrators to understand the proportion of different types of queries and to help determine any additional resource overhead (e.g. the computational resource overhead of encryption for DoT or DoH)
The logging statement grammar should be enhanced to allow the system administrator to (optionally?) include the protocol type for the query. If the system administrator chooses to enable protocol logging then it may be preferable to use a simple integer value for the chosen field, eg:
1 = Do53, 2 = DoT, 3 = DoH (non-TLS, eg behind HTTPS load balancer), 4 = DoH (TLS)
This would allow for future protocols at a later date
Links / references
I have looked in the BIND 9.17 ARM and can see no reference to BIND being able to log the query protocol used by the client, but I am happy to be corrected if this feature already exists.