[dnsdist] greqp - how to read?

Bit World Computing - Michael Mertel michael.mertel at bwc.de
Thu Jul 14 09:00:45 UTC 2016 

Hi Bert,

thanks for looking into this.


> Am 14.07.2016 um 10:39 schrieb bert hubert <bert.hubert at powerdns.com>:
> 
> On Thu, Jul 14, 2016 at 10:36:57AM +0200, Bit World Computing - Michael Mertel wrote:
>> Hi,
>> 
>> a vendor is complaining about our dnsdist powered resolver. For that reason I tried to figure out if there are any resolving issues.
>> 
>> If I grep for the query in question I’am getting this (shortened) output. Does ist mean it only got once forwarded to 8.8.4.4 and what about the other queries? How can I tell if the query got answered or not? Does ist get answered from the cache and how can I tell?
>> 
>> 
>> -42.1   192.168.44.3:59399                                           21448 kas-av-updates.mailfrontier.net. A               RD    Question
> 
> If you see only this, I think it did not get forwarded.
> 
greqp returns thousands of lines like this, and every once in a while the line with the answers from 8.8.8.8 or 8.8.4.4.

> Can you share your dnsdist.conf?
> 
controlSocket("0.0.0.0")
setKey(„nothingforthepublic")

webserver('192.168.44.49:8053', ‚webpwd', ‚apipwd')

setLocal("192.168.44.49:53")
setACL("192.168.44.0/24") 

truncateTC(true)

pc = newPacketCache(10000, 86400, 0, 60, 60)
getPool(""):setCache(pc)

addPoolRule({„company-dom01.local."}, "internal")
addPoolRule({„company.de."}, "internal")

newServer("8.8.8.8")
newServer("8.8.4.4")
newServer({address="10.5.64.61", pool="internal“})

> Have you checked the built-in webserver? It might give you hints.
> 
8.8.4.4 did had 8 drops, the 8.8.8.8 had none.

> Can you show dumpStats()?
> 
> dumpStats()
acl-drops              	          0    latency0-1             	      45246
block-filter           	          0    latency1-10            	         19
cache-hits             	      45244    latency10-50           	       3448
cache-misses           	       4084    latency100-1000        	        277
cpu-sys-msec           	      32576    latency50-100          	        321
cpu-user-msec          	      53264    no-policy              	          4
downstream-send-errors 	          0    noncompliant-queries   	          0
downstream-timeouts    	          8    noncompliant-responses 	          0
dyn-block-nmg-size     	          0    queries                	      49349
dyn-blocked            	          0    rdqueries              	      49349
empty-queries          	          0    real-memory-usage      	   16490496
fd-usage               	         16    responses              	       4093
latency-avg100         	       5115.7  rule-drop              	          0
latency-avg1000        	       4865.1  rule-nxdomain          	          0
latency-avg10000       	       5421.1  self-answered          	          0
latency-avg1000000     	        210.5  servfail-responses     	          4
latency-slow           	         26    trunc-failures         	          0
                                      uptime                 	      90925

> Thanks!
> 
> Note that 8.8.4.4 might be rate limiting you, it does that..
> 
> 	Bert
> 

>> -41.5   192.168.44.3:40450                                           45885 kas-av-updates.mailfrontier.net. A               RD    Question
>> -41.0   192.168.44.3:35357                                           28157 kas-av-updates.mailfrontier.net. A               RD    Question
>> -40.2   192.168.44.3:37069                                           56087 kas-av-updates.mailfrontier.net. A               RD    Question
>> -39.7   192.168.44.3:46550                                           18199 kas-av-updates.mailfrontier.net. A               RD    Question
>> -38.9   192.168.44.3:43979                                           28665 kas-av-updates.mailfrontier.net. A               RD    Question
>> -38.0   192.168.44.3:40127                                           49118 kas-av-updates.mailfrontier.net. A               RD    Question
>> -38.0   192.168.44.3:40127                              8.8.4.4:53   49118 kas-av-updates.mailfrontier.net. A     25.1      RD    No Error. 2 answers
>> -37.6   192.168.44.3:54373                                           15793 kas-av-updates.mailfrontier.net. A               RD    Question
>> -36.8   192.168.44.3:50603                                           20839 kas-av-updates.mailfrontier.net. A               RD    Question
>> -35.8   192.168.44.3:59500                                           35732 kas-av-updates.mailfrontier.net. A               RD    Question
>> -35.1   192.168.44.3:58254                                           9095  kas-av-updates.mailfrontier.net. A               RD    Question
>> -34.3   192.168.44.3:51857                                           43880 kas-av-updates.mailfrontier.net. A               RD    Question
>> -33.8   192.168.44.3:44658                                           52531 kas-av-updates.mailfrontier.net. A               RD    Question
>> -33.4   192.168.44.3:52281                                           9542  kas-av-updates.mailfrontier.net. A               RD    Question
>> -32.9   192.168.44.3:59384                                           46892 kas-av-updates.mailfrontier.net. A               RD    Question
>> 
>> 
>> The machine with the dnsdist installed resolves kas-av-updates.mailfrontier.net just fine.
>> 
>> I wasn’t able to find any RCODE=2 or RCODE=3 responses for that specific dns name.
>> 
>> Help highly appreciated.
>> 
>> —Michael
> 
> 
> 
>> _______________________________________________
>> dnsdist mailing list
>> dnsdist at mailman.powerdns.com
>> https://mailman.powerdns.com/mailman/listinfo/dnsdist

—Michael

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2297 bytes
Desc: not available
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20160714/3cbb17c1/attachment-0001.bin>

More information about the dnsdist mailing list