Re: Measuring DNS Performance & Graphing Logs

[charles () thefnf org]

On 2015-05-21 06:15, Zayed Mahmud wrote:

> I've tried cacti but failed to get desired logs. i've also tried bind
> graph...but it consumes too much memory in the long run.


How constrained are your servers? What is "too much memory"? What logs 
are you looking for?
Have you tried looking at the syslog? What is your level of experience 
with system/network
administration? (Not trying to be insulting, genuinely curious).

> can u suggest some suitable tools that i can measure the performance of 
> the
> dns servers?

What sort of performance? What metrics are you trying to track? Please 
provide more details about exactly what you want.
That will help us give you very specific suggestions. (We provide advice 
for free, have very busy schedules, the more specific
you are the better).

Deploy smokeping as has already been referenced in this thread. Zenoss 
also has graphing/monitoring of DNS. (I stay away from cacti/nagios 
personally for small deployments). Cati/Nagios are PHENOMANAL tools if 
you have a fully programmatic/automated deployment process that can 
populate cacti/nagios automatically.


like what shud b active and what shud not be in general safe
> dns server practice

As with the vast majority of widely deployed software packages 
(Microsoft,debian,cisco etc), the vendor provides support/documentation 
right on their website:
https://www.isc.org/support/

I always recommend to people that they spend about 70% of implementation 
time on reading the docs/understanding/researching terms/concepts they 
don't know for the system they are deploying, 20% on testing, 10% on 
actual go live.

I've seen way too many operators rush to deploy something and thoroughly 
break a production network.

 and check against my own settings or whatever the tool
> can query, something like nmap.

I recommend openvas.org if you want a tool for internal use (it's free, 
very comparable to Nessus). Not that Nessus isn't a good product, it's 
just a pain to deal with the licensing system etc (requires too much 
sysadmin time to maintain at least in my deployment).


this would be really helpful. i just need
> to make a report about my dns servers for my boss...and i'm clueless 
> what
> to point out and what not to or how to evaluate it's performance. i'm
> running bind9 under unix environment.


What are the requirements of the report?

> thanks in advance.