[dnsdist] greqp - how to read?
Bit World Computing - Michael Mertel
michael.mertel at bwc.de
Thu Jul 14 09:17:59 UTC 2016
> Am 14.07.2016 um 11:05 schrieb bert hubert <bert.hubert at powerdns.com>:
>
> On Thu, Jul 14, 2016 at 11:00:45AM +0200, Bit World Computing - Michael Mertel wrote:
>>> If you see only this, I think it did not get forwarded.
>> greqp returns thousands of lines like this, and every once in a while the line with the answers from 8.8.8.8 or 8.8.4.4.
>
> This is probably because of the cache you use. I think answers from the
> cache don't show up in grepq, but not entirely sure.
>
> Can you test without the cache?
>
Yes, it looks different without cache, maybe something to add in a later version of dnsdist.
Time Client Server ID Name Type Lat. TC RD AA Rcode
-34.1 192.168.44.3:40327 34466 kas-av-updates.mailfrontier.net. A RD Question
-34.1 192.168.44.3:40327 8.8.8.8:53 34466 kas-av-updates.mailfrontier.net. A 30.6 RD No Error. 2 answers
-27.0 192.168.44.3:38593 24653 kas-av-updates.mailfrontier.net. A RD Question
-25.9 192.168.44.3:38593 8.8.8.8:53 24653 kas-av-updates.mailfrontier.net. A 1087.1 RD No Error. 2 answers
-22.9 192.168.44.3:43596 31164 kas-av-updates.mailfrontier.net. A RD Question
-22.9 192.168.44.3:43596 8.8.8.8:53 31164 kas-av-updates.mailfrontier.net. A 32.2 RD No Error. 2 answers
-3.7 192.168.44.3:42554 6023 kas-av-updates.mailfrontier.net. A RD Question
-3.6 192.168.44.3:42554 8.8.8.8:53 6023 kas-av-updates.mailfrontier.net. A 29.9 RD No Error. 2 answers
>>> dumpStats()
>> acl-drops 0 latency0-1 45246
>> block-filter 0 latency1-10 19
>> cache-hits 45244 latency10-50 3448
>> cache-misses 4084 latency100-1000 277
>> cpu-sys-msec 32576 latency50-100 321
>> cpu-user-msec 53264 no-policy 4
>> downstream-send-errors 0 noncompliant-queries 0
>> downstream-timeouts 8 noncompliant-responses 0
>> dyn-block-nmg-size 0 queries 49349
>> dyn-blocked 0 rdqueries 49349
>> empty-queries 0 real-memory-usage 16490496
>> fd-usage 16 responses 4093
>> latency-avg100 5115.7 rule-drop 0
>> latency-avg1000 4865.1 rule-nxdomain 0
>> latency-avg10000 5421.1 self-answered 0
>> latency-avg1000000 210.5 servfail-responses 4
>> latency-slow 26 trunc-failures 0
>> uptime 90925
>
> Almost all answers are coming from the cache, so that would match with them
> not showing up in grepq most of the time.
>
> What is the output of "dig kas-av-updates.mailfrontier.net
> @your-dnsdist-ip“?
>
; <<>> DiG 9.10.3-P4-Ubuntu <<>> kas-av-updates.mailfrontier.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6871
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;kas-av-updates.mailfrontier.net. IN A
;; ANSWER SECTION:
kas-av-updates.mailfrontier.net. 1799 IN CNAME web.mailfrontier.net.
web.mailfrontier.net. 119 IN A 204.212.170.14
;; Query time: 27 msec
;; SERVER: 192.168.44.49#53(192.168.44.49)
;; WHEN: Thu Jul 14 11:11:17 CEST 2016
;; MSG SIZE rcvd: 94
> Bert
>
>
>>
>>> Thanks!
>>>
>>> Note that 8.8.4.4 might be rate limiting you, it does that..
>>>
>>> Bert
>>>
>>
>>>> -41.5 192.168.44.3:40450 45885 kas-av-updates.mailfrontier.net. A RD Question
>>>> -41.0 192.168.44.3:35357 28157 kas-av-updates.mailfrontier.net. A RD Question
>>>> -40.2 192.168.44.3:37069 56087 kas-av-updates.mailfrontier.net. A RD Question
>>>> -39.7 192.168.44.3:46550 18199 kas-av-updates.mailfrontier.net. A RD Question
>>>> -38.9 192.168.44.3:43979 28665 kas-av-updates.mailfrontier.net. A RD Question
>>>> -38.0 192.168.44.3:40127 49118 kas-av-updates.mailfrontier.net. A RD Question
>>>> -38.0 192.168.44.3:40127 8.8.4.4:53 49118 kas-av-updates.mailfrontier.net. A 25.1 RD No Error. 2 answers
>>>> -37.6 192.168.44.3:54373 15793 kas-av-updates.mailfrontier.net. A RD Question
>>>> -36.8 192.168.44.3:50603 20839 kas-av-updates.mailfrontier.net. A RD Question
>>>> -35.8 192.168.44.3:59500 35732 kas-av-updates.mailfrontier.net. A RD Question
>>>> -35.1 192.168.44.3:58254 9095 kas-av-updates.mailfrontier.net. A RD Question
>>>> -34.3 192.168.44.3:51857 43880 kas-av-updates.mailfrontier.net. A RD Question
>>>> -33.8 192.168.44.3:44658 52531 kas-av-updates.mailfrontier.net. A RD Question
>>>> -33.4 192.168.44.3:52281 9542 kas-av-updates.mailfrontier.net. A RD Question
>>>> -32.9 192.168.44.3:59384 46892 kas-av-updates.mailfrontier.net. A RD Question
>>>>
>>>>
>>>> The machine with the dnsdist installed resolves kas-av-updates.mailfrontier.net just fine.
>>>>
>>>> I wasn’t able to find any RCODE=2 or RCODE=3 responses for that specific dns name.
>>>>
>>>> Help highly appreciated.
>>>>
>>>> —Michael
>>>
>>>
>>>
>>>> _______________________________________________
>>>> dnsdist mailing list
>>>> dnsdist at mailman.powerdns.com
>>>> https://mailman.powerdns.com/mailman/listinfo/dnsdist
>>
>> —Michael
>>
>
>
>
>> _______________________________________________
>> dnsdist mailing list
>> dnsdist at mailman.powerdns.com
>> https://mailman.powerdns.com/mailman/listinfo/dnsdist
—
Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2297 bytes
Desc: not available
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20160714/c0607ce7/attachment.bin>
More information about the dnsdist
mailing list