Named/BIND i statistika istog – deo 1

Napomena : govorimo o BIND-9.8.2 verziji.
Ima dva načina da se dobije statistički izlaz :

1. Stats kanal – da bi ovo radilo, u top level named.conf fajla dodati ovaj red :
statistics-channels {
inet 127.0.0.1 port 8123 allow { 127.0.0.1; };
};
I da, možete u “allow” dodati i druge IP adrese, ali džaba, vidi se samo na lokalnom hostu. Daje GOMILU podataka, od koji 3/4 nemam pojma šta su.

2. Stats fajl – da bi ovo radilo, u Options deo named.conf fajla staviti odgovarajuću liniju :
options {
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
allow-query { any; };
allow-transfer {
127.0.0.1;
};
};
E sad, andrak je u tome, što ovo NEĆE automatski napraviti fajl sa statistikama na navedenoj lokaciji. Mora se još dodatno izvršiti i komanda (to retrieve stats, issue the rndc stats command. This will instruct BIND to dump the stats to the statistics-file as configured in named.conf) :
# rndc stats
I tek ONDA se generiše dati fajl.
Dakle za pristojne statistike, ovaj fajl treba generisati i analizirati na svakih 5 do 10 minuta.
Izgled fajla :
Napomena : Paziti promenljive su KUMULATIVNE!!!!
# more named_stats.txt
+++ Statistics Dump +++ (1398688496)
The number in parentheses is a standard Unix-style timestamp, measured as seconds since January 1, 1970.
++ Incoming Requests ++
2789 QUERY
++ Incoming Queries ++
1523 A
Address query. Najčešći oblik upita, odgovor je IPv4 adresa.
62 NS
Name server query. Internally, name servers generate NS queries when they are trying to look up servers for the root zone. Externally, applications like dig and nslookup can also be used to look up NS records. This record is the authoritative name server for the domain.
115 PTR
The pointer queries map addresses to names. Many kinds of software look up IP addresses: inetd, rlogind, rshd, network management software, and network tracing software. This record is a pointer to another part of the domain name space.
406 MX
Mailers like sendmail make mail exchanger queries as part of the normal electronic mail delivery process.
162 TXT
Text query.
521 AAAA
Odnosi se na IPv6 AAAA zapis.
++ Outgoing Queries ++
[View: default]
6929 A
562 NS
1156 PTR
669 MX
1235 TXT
1540 AAAA
[View: _bind]
++ Name Server Statistics ++
Brojači čija je vrednost 0 se ne prikazuju.
2789 IPv4 requests received
2716 responses sent
372 queries resulted in successful answer
1387 queries resulted in authoritative answer
459 queries resulted in nxrrset
1329 queries resulted in SERVFAIL
556 queries resulted in NXDOMAIN
1402 queries caused recursion
1 duplicate queries received
2 queries dropped
Važna napomena : Each query received by the server will cause exactly one of success,
referral, nxrrset, nxdomain, or failure to be incremented, and may additionally cause the recursion counter to be incremented.
++ Zone Maintenance Statistics ++
++ Resolver Statistics ++
[Common]
[View: default]
9439 IPv4 queries sent
2652 IPv6 queries sent
11099 query retries
9372 query timeouts
2 IPv4 NS address fetches
9 IPv6 NS address fetches
2 IPv4 NS address fetch failed
9 IPv6 NS address fetch failed
[View: _bind]
++ Cache DB RRsets ++
[View: default]
[View: _bind (Cache: _bind)]
++ Socket I/O Statistics ++
9449 UDP/IPv4 sockets opened
2652 UDP/IPv6 sockets opened
4 TCP/IPv4 sockets opened
9380 UDP/IPv4 sockets closed
2652 UDP/IPv6 sockets closed
8 TCP/IPv4 sockets closed
8 UDP/IPv4 socket bind failures
2652 UDP/IPv6 socket connect failures
9439 UDP/IPv4 connections established
9 TCP/IPv4 connections accepted
2652 UDP/IPv6 send errors
++ Per Zone Query Statistics ++
— Statistics Dump — (1398688496)
2716 responses sent
…..

Šta je šta u stats fajlu
Odličan dokument se nalazi ovde.
Incoming Requests – The number of incoming DNS requests for each OPCODE.
Incoming Queries – The number of incoming queries for each RR (resource record) type.
Outgoing Queries – The number of outgoing queries for each RR type sent from the internal resolver. Maintained per view.
Name Server Statistics – Statistics counters about incoming request processing.
Zone Maintenance Statistics Statistics – counters regarding zone maintenance operations such as zone transfers.
Resolver Statistics – Statistics counters about name resolution performed in the internal resolver. Maintained per view.
Cache DB RRsets – The number of RRsets per RR type and nonexistent names stored in the cache database. If the exclamation mark (!) is printed for a RR type, it means that particular type of RRset is known to be nonexistent (this is also known as ”NXRRSET”). Maintained per view.
Socket I/O Statistics – Statistics counters about network related events.