Calculating queries per second (BIND 9)

Chris Pile cpile at snoogans.co.uk
Thu May 17 13:18:04 UTC 2001 

I kinda worked that out anyway.  Of course doing this at 2am would
reveal different results from doing it at 10am.  But I take it that
using "rndc querylog" is the best way to see how many queries you are
getting per second.

I still think that the one liner script gives a good idea how busy your
DNS server is (at that particular point in time).  I returned three
values just to highlight the fact that it does change rapidly.  Of
course other tools such as "top", "rndc stats" and "netstat -w 1" etc
also help.  Miguel mentioned tcpdump, but I haven't compiled bpf into
the kernel.

I read some postings where figures of 1300 queries per second were
quoted, and was wondering how these figures were calculated.

You did highlight a good point though, I may consider doing a more in
depth investigation over a longer period.  Although that would create
one hell of a large log file (or files if you rotate them), almost 200MB
an hour maybe.  Still it should be fairly trivial to script up some
stats from the log files.


Thanks,
Chris.


Brad Knowles wrote:
> 
> At 10:58 AM +0100 5/17/01, Chris Pile wrote:
> 
> >  I have been using the following to determine how many queries our
> >  caching DNS server performs each second.  Just wondering if this
> >  gives a good/accurate reading.  Also might be useful for anyone else.
> >
> >  for i in 1 2 3;do > /var/log/querylog;rndc querylog;sleep 1;rndc
> >querylog;wc /var/log/querylog;sleep 5;done
> 
>         No, this doesn't.  To really get a good idea, you need to have
> "querylog" turned on for an extended period of time (e.g., multiple
> days or even multiple weeks) and look at the history of queries over
> that period.
> 
>         You need to know what your peak query rates are (and you'll only
> find that by having querylog running all the time and then searching
> for the peaks), as well as your average querylog rates on a per
> minute, per hour, and per day rate.
> 
> --
> Brad Knowles, <brad.knowles at skynet.be>
> 
> /*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
> /*       Represented as 1045 digit prime number by Phil Carmody         */
> /*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
> /*                                                                      */
> /*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
> /*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */
> 
> dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'

More information about the bind-users mailing list