[Pdns-users] Query Logging

bert hubert bert.hubert at netherlabs.nl
Fri Sep 30 09:04:39 UTC 2005 

On Thu, Sep 29, 2005 at 12:16:46PM -0700, Max Clark wrote:
> So then crazy question... Companies like UltraDNS, Netriplex, 
> DNSMadeEasy, etc... make money based on the number of queries a 
> particular domain/RR gets. How do they track this?

Odd business model. Oh well. If you want really low-weight stats, run
'tcpdump port 53 and udp' and process the output, perhaps using awk.

As other people said, turning on query logging massively increases the system
load. 

There are some nameservers out there that can really hammer your server,
tcpdump will also help you spot these.

Good luck!

> 
> - -Max
> 
> Brad Knowles wrote:
> > At 11:19 AM -0700 2005-09-29, Max Clark wrote:
> > 
> >>  I have a powerdns installation with a large amount of domains running on
> >>  the system. Recently the system has become completely overwhelmed with
> >>  queries (I am assuming that it is due to low ttl's). While the web
> >>  interface gives a lot of great information - is it possible to log each
> >>  query request to a running file for after the fact analysis?
> > 
> > 
> >     I'm not familiar with the PowerDNS implementation of query logging, 
> > but for BIND turning this on will result in roughly a factor of ten to a 
> > hundred increase in load on the server.  This is a result of the massive 
> > increase in I/O caused by writing all this data to the file.
> > 
> >     If you can afford to turn on query logging, you don't need it. If 
> > you need it, you can't afford to turn it on.
> > 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.0.2 (Build 2424)
> 
> iQEVAwUBQzw9ooNluVA/LYaIAQix/gf8CWy+XZtGWVUwhpWVno/DDloFEUk3V2kx
> qpeFgU0WaQSvve3CxY7pre9VfGVy0CtBTDRewFBWdub/WQnDheef4oAGAavZ9veF
> XYDb9eO4GuHzIqfyTEdafZWSwegUCeQGuN9rX6Op34JOkeLYHe+kmnIjenC3pRrP
> Ua40eUpDi5iEr0uuFburdBowVEIkT6O8039zImdAw3zdVslqWsszR13ADjCSURSS
> WBvmbT8ZVi6skfhfcI7REnj56qJFKBoqkYU6NTCreYZ60+L1M4vV4/PJvnk1F6rF
> BvsKC4Xm3hhW1pmQaAPE36DfFFwm89dTuMpki9AzkEpjjA6kM7/CIQ==
> =T4wP
> -----END PGP SIGNATURE-----
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
> 
> 
> !DSPAM:433c3e9f28507776915968!

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

More information about the Pdns-users mailing list