Calculating queries per second (BIND 9)

Brad Knowles brad.knowles at skynet.be
Thu May 17 13:59:43 UTC 2001 

At 2:18 PM +0100 5/17/01, Chris Pile wrote:

>  I still think that the one liner script gives a good idea how busy your
>  DNS server is (at that particular point in time).

	For that one second, not counting the additional work the system 
has to do to turn on and turn off querylogging, run your scripts, 
etc..., it might be okay (so long as you take time to properly 
summarize the output from querylogging, and don't just count the 
lines).

	However, if you're having bullets fired at you, the second before 
you get hit, you probably won't feel much pain.  If all you ever do 
is take a look at individual per-second slices of someone's life, 
odds are you're not going to get a very good picture of what they're 
feeling on the whole, or how you could best help them achieve some 
goal.

>  I read some postings where figures of 1300 queries per second were
>  quoted, and was wondering how these figures were calculated.

	Those are likely to be peaks sustained over a short period of 
time.  In my experience, on really high volume nameservers, you can't 
really afford to have querylog turned on all the time -- it just 
soaks up too much system resources.  So, instead you need to take a 
look at hourly or even minute-by-minute (or every five minutes) 
snapshots of statistics that you can get from BIND.  Unfortunately, 
while these sorts of things can be relatively easily done with BIND 
8, I do not believe that BIND 9 has as much support for this sort of 
thing as you'd need.

	The statistics snapshots don't give you a query-by-query picture 
of what exactly is being asked, by whom, and when, but they do at 
least give you enough visibility into what's going on that you can do 
things such as measure how many queries BIND has seen since you last 
dumped the statistics, and you can measure for yourself how much time 
has passed, so then you can calculate query rates per minute, etc....

	At my previous employer, we did quite a lot of this sort of thing 
with some custom tools on top of SNMP and mrtg, and later using 
rrdtool plus some of our own custom configuration management tools 
instead of Cricket or Orca.

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'

More information about the bind-users mailing list