[dnsdist] [Pdns-users] dnsdist drops packet
bert hubert
bert.hubert at powerdns.com
Mon Jan 4 23:13:31 UTC 2016
On Mon, Jan 04, 2016 at 11:04:12PM +0000, Federico Olivieri wrote:
> Hi,
>
> Just a question from my side. There is any way to understand, from the
> total count of packet dropped, how many packets have been dropped for
> SERVFAIL?
Hi Federico,
We don't drop queries for servfail. We just pass it along. However, with the
following, you can get stats:
topResponses(10, 2)
This shows the top-10 servfail responses.
If you look with dumpStats():
acl-drops 0 latency1-10 0
block-filter 0 latency10-50 0
cpu-sys-msec 14 latency100-1000 0
cpu-user-msec 19 latency50-100 0
downstream-send-errors 0 no-policy 0
downstream-timeouts 0 noncompliant-queries 0
dyn-block-nmg-size 0 queries 7
dyn-blocked 0 rdqueries 7
fd-usage 15 real-memory-usage 7151616
latency-avg100 22.0 responses 5
latency-avg1000 2.2 rule-drop 0
latency-avg10000 0.2 rule-nxdomain 0
latency-avg1000000 0.0 self-answered 0
latency-slow 0 servfail-responses 5
latency0-1 5 trunc-failures 0
uptime 101
You see 'servfail-responses' counted. The downstream-timeouts metric does
eventually get updated, I just wrote a change that makes this metric react
more quickly.
Bert
>
> Thank You
>
> Federico
>
> 2016-01-04 18:14 GMT+00:00 bert hubert <bert.hubert at powerdns.com>:
>
> > On Sat, Dec 19, 2015 at 04:34:11PM +0100, bert hubert wrote:
> > > Could be, we have the infrastructure to give insight into that but we
> > don't
> > > make it easy yet:
> >
> > Hi Aleš,
> >
> > As of right now (the packages that are building now), you can do:
> >
> > grepq("3000ms")
> >
> > And get all timeouts. It also shows you which downstream caused the
> > timeout.
> >
> > > grepq("3000ms")
> > Time Client Server ID
> > Name Type Lat. TC RD AA Rcode
> > -67.0 127.0.0.1:44898 8.8.4.4:53
> > 1853 ds9a.com. A 3433.1 RD No Error. 1 answers
> > -54.5 127.0.0.1:41892 8.8.4.4:53
> > 32463 ezdns.it. A T.O No Error. 0 answers
> > -49.3 127.0.0.1:41892 8.8.4.4:53
> > 32463 ezdns.it. A T.O No Error. 0 answers
> > -44.2 127.0.0.1:41892 8.8.4.4:53
> > 32463 ezdns.it. A T.O No Error. 0 answers
> >
> > Or use topSlow():
> > > topSlow()
> > 1 ezdns.it. 3 75.0%
> > 2 ds9a.com. 1 25.0%
> > 3 Rest 0 0.0%
> >
> > You can also do topSlow(10, 4000) to get everything slower than 4000
> > milliseconds, or even topSlow(10, 4000, 1) which will group everything by
> > tld.
> >
> > Can you let us know if this is what you need?
> >
> > Bert
> >
> >
> > >
> > > > grepq(".")
> > > Time Client ID Name
> > Type Lat. TC RD AA Rcode
> > > -25.0 127.0.0.1:59117 13086 ds9a.nl.
> > A RD Question
> > > -21.2 127.0.0.1:59117 0 ds9a.nl.
> > A 0.0 No Error. 0 answers
> > > -20.0 127.0.0.1:59117 13086 ds9a.nl.
> > A RD Question
> > > -16.2 127.0.0.1:59117 0 ds9a.nl.
> > A 0.0 No Error. 0 answers
> > > -15.0 127.0.0.1:59117 13086 ds9a.nl.
> > A RD Question
> > > -11.2 127.0.0.1:59117 0 ds9a.nl.
> > A 0.0 No Error. 0 answers
> > >
> > > This "knows" about timeouts to backends, but we don't make it easy to
> > "grep" for them.
> > >
> > > Will add this as a feature.
> > >
> > > Bert
> > >
> > > >
> > > > Regards
> > > > Ales
> > > >
> > > >
> > > > On Saturday 19 of December 2015 13:20:35 Federico Olivieri wrote:
> > > > > Hi guys,
> > > > >
> > > > > Nobody has any clue for this? I woukd try to understand why dnsdist
> > shows
> > > > > some dropped packets. There is any debug that can help me to
> > understand why
> > > > > it os happen?
> > > > >
> > > > > Thanks and Merry Christmas!!!
> > > > >
> > > > > Federico
> > > > >
> > > > > On 18 Dec 2015 14:22, "Federico Olivieri" <lvrfrc87 at gmail.com>
> > wrote:
> > > > > > Hi all,
> > > > > >
> > > > > > I have a raspberry that is running dnsdist with this configuration:
> > > > > >
> > > > > > newServer{address="192.168.0.3:53"}
> > > > > > newServer{address="127.0.0.1:5300", pool="abuse"}
> > > > > > addPoolRule({"wpad.domain.name"}, "abuse")
> > > > > > webserver("192.168.0.2:8083", "supersecret")
> > > > > > addACL("0.0.0.0/0")
> > > > > > addACL("::/0")
> > > > > > carbonServer('37.252.122.50', 'raspi-836', 30)
> > > > > >
> > > > > > I don't know why, but on webserver I can see some packets dropped
> > from the
> > > > > > primary server and I don't understand the reason why. There is not
> > any
> > > > > > queries rate for that server
> > > > > >
> > > > > >
> > #NameAddressStatusQueriesDropsQPSOutWeightOrderPools0192.168.0.3:53up24108
> > > > > > 6720111127.0.0.1:5300up10100011abuse
> > > > > >
> > > > > > Do you have any idea why there are some dropped packets?
> > > > > >
> > > > > > Also, I added this line of conf. I could see the queries to goolge
> > but I
> > > > > > could see also the queries to a.root server. Seems that the
> > command does
> > > > > > not overwrite the default one. Is it the aspect behaviour?
> > > > > >
> > > > > > newServer {address="192.168.0.3", checkType="A",
> > > > > > checkName="www.google.com.", mustResolve=true}
> > > > > >
> > > > > > Last question: I added the carbon server. I can see the server on
> > > > > > https://metronome1.powerdns.com/ but no one graph is plotted
> > > > > >
> > > > > > Thank you for your time.
> > > > > >
> > > > > > BTW, dnsdist seems very useful and powerful!!!
> > > > > >
> > > > > > Federico
> > > >
> > >
> > > > _______________________________________________
> > > > Pdns-users mailing list
> > > > Pdns-users at mailman.powerdns.com
> > > > http://mailman.powerdns.com/mailman/listinfo/pdns-users
> > >
> > >
> > > _______________________________________________
> > > dnsdist mailing list
> > > dnsdist at mailman.powerdns.com
> > > http://mailman.powerdns.com/mailman/listinfo/dnsdist
> >
> > _______________________________________________
> > dnsdist mailing list
> > dnsdist at mailman.powerdns.com
> > http://mailman.powerdns.com/mailman/listinfo/dnsdist
> >
More information about the dnsdist
mailing list