[Unbound-users] Feature request - detailed statistics about unbound
Wouter Wijngaards
wouter at NLnetLabs.nl
Tue Sep 16 08:49:37 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Stephane, Beastie,
I am making a compromise. More statistics, but not the amount nor
detail that a dedicated package like DSC provides. Without webpages
with pretty graphs and data selection user interface; that does not
belong inside the nameserver. More similar to the BIND8_STATS in NSD
than the DSC package.
As config option 'extended-statictics'; default turned off (because of
speed).
I think:
types of queries, answer error codes, validation status, and also
spoof-nearmiss-counter (a plain unwanted traffic counter).
$ unbound-control stats
thread0.num.queries: 1234
thread0.requestlist.exceeded: 0
thread1.num.queries: 1345
thread1.requestlist.exceeded: 1
total.num.queries: 12345
total.requestlist.exceeded: 1
num.query.type.AAAA: 12
num.answer.secure: 123
num.answer.bogus: 23
unwanted.replies: 200000
It does not examine the query names, server names, or addresses, as that
creates a lot of extra code (and Stephane, I hear you, that is a problem).
Is this format easy to use as input for rrdtool, cacti, munin, ... ?
I could also print out:
unwanted_replies=200000
Best regards,
Wouter
Stephane Bortzmeyer wrote:
> On Fri, Sep 12, 2008 at 04:18:02PM +0300,
> Beastie <beastie24 at gmail.com> wrote
> a message of 22 lines which said:
>
>> It would be very useful to have the ability to see additional
>> information insight of the unbound statistics reports.
>
> My personal opinion: no.
>
>> In general it would be grate to have separate tool/command that will
>> produces this kind of statistics.
>
> A name server is already complicated enough and I no longer think it
> is a good idea to complicate it further with statistics, specially
> because of the security problems that may arise. Keep the code small
> and clean, please.
>
> Statistics are, in my opinion, best handled with completely separate
> programs which sniff the requests and the responses. I recommend DSC
> <https://www.dns-oarc.net/oarc/src/dsc>
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkjPcyEACgkQkDLqNwOhpPjLdgCeJEDG2BjgkE6usVT+Wiq0xiPN
NtkAniJrZOJ+BlU/s9QWhOkxVSNXtSGC
=765M
-----END PGP SIGNATURE-----
More information about the Unbound-users
mailing list