monitoring BIND

Karl Auer kauer at
Wed Jul 13 14:43:34 UTC 2011

We have some nameservers :-) that are used by quite a few thousands of
people. Every now and then someone comes to us and complains that the
DNS is responding slowly. Sometimes they are right, and we find the
problem and fix it. But most of the time everything runs fine, and the
DNS is not, in fact, responding slowly when that someone comes to
complain. It turns out to be their PC, or a local network issue, or

So we have a homegrown system in place that watches the traffic to and
from the nameservers, matches queries to answers, ignores everything
else, and notes how long it was between the question going past and the
answer going past in the opposite direction. It writes summarised
information second by second into a database so we can see exactly when
problems with response times happen, how long they happen for, and how
bad they are when they happen.

Our system has two faults (well, two that we are actually concerned
about): It only watches UDP, and it can't deal with fragmented packets.

So I was wondering if there is a better solution out there?

Regards, K.

Karl Auer (kauer at
+61-2-64957160 (h)
+61-428-957160 (mob)

GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156
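
The query-to-answer matching described in the message above, as an added example that is not part of the original post and is not the poster's system. It assumes DNS payloads have already been extracted from unfragmented UDP packets (the same limitation the post mentions); the server address, the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import defaultdict
SERVER = "192.0.2.53"  # assumed nameserver address (documentation range)

def dns_msg(txid, qname, response=False):  # builds constructed sample input
    name = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\x00"
    flags = 0x8180 if response else 0x0100
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + name + struct.pack("!HH", 1, 1)

def parse(payload):
    """Return (txid, is_response, qname), or None if the payload is not usable."""
    if len(payload) < 12:
        return None
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    labels, pos = [], 12
    while pos < len(payload) and payload[pos] != 0:
        n = payload[pos]
        if n > 63 or pos + 1 + n > len(payload):  # compression pointer or truncated
            return None
        labels.append(payload[pos + 1:pos + 1 + n].decode("ascii", "replace").lower())
        pos += 1 + n
    if qdcount != 1 or pos >= len(payload):
        return None
    return txid, bool(flags & 0x8000), ".".join(labels)

def summarise(packets):
    """packets: time-ordered (ts, src, sport, dst, dport, payload) tuples."""
    pending, buckets = {}, defaultdict(list)
    for ts, src, sport, dst, dport, payload in packets:
        msg = parse(payload)
        if msg is None:
            continue  # ignore everything that is not a parseable DNS message
        txid, is_resp, qname = msg
        if not is_resp and dst == SERVER and dport == 53:
            pending[(src, sport, txid, qname)] = ts
        elif is_resp and src == SERVER and sport == 53:
            sent = pending.pop((dst, dport, txid, qname), None)
            if sent is not None:  # answer matches a query we saw
                buckets[int(sent)].append(ts - sent)
    stats = {s: {"n": len(v), "mean_ms": round(1000 * sum(v) / len(v), 1),
                 "max_ms": round(1000 * max(v), 1)} for s, v in buckets.items()}
    return stats, len(pending)  # per-second summary, queries still unanswered

SAMPLE = [  # constructed capture, not real traffic
    (100.010, "198.51.100.7", 40001, SERVER, 53, dns_msg(0x1A2B, "example.com")),
    (100.012, SERVER, 53, "198.51.100.7", 40001, dns_msg(0x1A2B, "example.com", True)),
    (100.500, "198.51.100.8", 40002, SERVER, 53, dns_msg(0x0001, "example.org")),
    (101.250, SERVER, 53, "198.51.100.8", 40002, dns_msg(0x0001, "example.org", True)),
    (101.300, "198.51.100.9", 40003, SERVER, 53, dns_msg(0x0002, "example.net")),
]
```

Latencies are bucketed by the second in which the query was seen, so `summarise(SAMPLE)` reports the slow 750 ms answer against second 100 and one query left unanswered.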

More information about the bind-users mailing list