High recursive client counts
Scott Bertilson
ssb at umn.edu
Wed Mar 26 19:33:39 UTC 2014
This got me to take a look at "rndc recursing" on one of our servers.
It is disappointing that queries for the same FQDN/type/class from the same
client (different source port and query ID though) are handled individually
rather than being merged somehow. Is this because of the ID or the source
port, both, or something else?
On Wed, Mar 26, 2014 at 2:05 PM, Jason Brandt <jbrandt at fsmail.bradley.edu>wrote:
> Thanks guys. I appreciate the input. I don't want to derail the list
> much though, as this is supposed to be more BIND than Cisco :)
>
> At this point my BIND installation seems to be stable, so we'll call it
> case closed. We do plan on replacing our firewalls in the near future, so
> hopefully we won't need to put much more effort into it. But again
> appreciate all the help and suggestions, it definitely pushed me in the
> right direction for finding the problem.
>
> Jason
>
>
> On Wed, Mar 26, 2014 at 12:56 PM, CARTWRIGHT, CORY C <cc3283 at att.com>wrote:
>
>> Here is a script I wrote to log and sent traps. I'm sure you'll have to
>> make a lot of changes but hopefully it can help you get started monitoring
>> the FWSM. You can use this as a template to expand upon.
>>
>> #!/usr/bin/perl
>>
>> use strict;
>> use Expect;
>> use Net::Telnet;
>> use Data::Dumper;
>> use POSIX qw(tzset);
>> use Data::Dumper;
>> use lib qw( /usr/local/rrdtool-1.2.13/lib/perl );
>> use RRDs;
>> use File::Copy;
>> use Net::SNMP qw(:asn1);
>>
>> ## quick fix for gathering codec data
>> ## not very robust !!!
>> ## author: Cory Cartwright corycartwright at sbcglobal.net
>> ##
>> ## grab cisco FWSM cpu information for RRD graphing and SNMP trap
>> generation
>> ##
>>
>> $ENV{TZ} = 'EDT';
>> POSIX::tzset();
>>
>> my $createRRD = shift || 'false';
>>
>> my $host = "MY6500|7600 host";
>> my $user = "router username";
>> my $pass = "router passwd";
>> my $fwUser = "FWSM username";
>> my $fwPasswd = "FWSM password";
>> my $comunity = "FWSM comunity string";
>> my $monitor = 'trap monitor IP'; # source that set and sent the trap
>> my @trapCatchers = qw(array of trap catchers);
>>
>> my $filename = "/var/voip/fwsm_logger.txt"; #dump file
>> my $DBfile = '/var/voip/codecDump.csv';
>>
>> my $trapThreshold = '60'; #'60'; #five sec thresh > send trap%
>> my $procThreshold = '30'; #'30' ; #threshhold before we capture sh proc
>>
>> my %meas_hash = ( 'fiveSec' => 'fiveSec',
>> 'oneMin' => 'oneMin',
>> 'fiveMin' => 'fiveMin',
>> );
>> my $rrd = '/usr/voip/bin/fwcpuRRD.rrd';
>>
>> if (! -e $rrd) { $createRRD = 'true'; }
>>
>> my $hashRef = doExec();
>>
>> if($hashRef->{'fiveSec'} >= $trapThreshold) {
>> #send trap
>> print "Sending trap\n";
>> sendTrap($hashRef->{'fiveSec'});
>> }
>>
>> createRRD($rrd,\%meas_hash) if($createRRD eq 'true');
>> updateRRD($rrd,\%meas_hash,$hashRef);
>> print " struct\n" . Dumper(%meas_hash);
>> print " data\n" . Dumper($hashRef);
>> copy($rrd,"/var/www/voipdata/fwcpuRRD.rrd");
>>
>> sub doExec {
>>
>>
>> my $exp = new Expect;
>> #$exp->log_stdout(1);
>> $exp->log_file("$filename");
>>
>> my $command = "ssh -l $fwUser $host";
>>
>> $exp->spawn($command) or die "Could not spawn $command $!";
>>
>> my $string = qr/passwd/;
>> my $return = $exp->expect(3, "$string");
>>
>> $exp->send("$pass\n");
>>
>> $return = $exp->expect(3, '7604-nh1>');
>> $exp->send("session slot 3 pro 1\n");
>>
>> $return = $exp->expect(3, /Password:/);
>> $exp->send("x1c2v3\n");
>>
>> $return = $exp->expect(3, 'sipsfw>');
>> $exp->send("enable\n");
>> $return = $exp->expect(3, "$string");
>> $exp->send("$fwPasswd\n");
>>
>> $return = $exp->expect(3, 'sipsfw#');
>> $exp->send("sh cpu\n");
>> $exp->expect(2);
>> my $cpu = $exp->before();
>> $cpu = $exp->before();
>> my %cpu = ();
>> if($cpu =~
>> /\d\sseconds\s=\s(\d+)\%\;\s\d\sminute\:\s(\d+)\%\;\s\d\sminutes\:\s(\d+)\%/g)
>> {
>> $cpu{'fiveSec'} = $1;
>> $cpu{'oneMin'} = $2;
>> $cpu{'fiveMin'} = $3;
>> print Dumper(%cpu);
>> }
>> if($cpu{'fiveSec'} >= $procThreshold) {
>> my $timestamp = "\nBEGIN: TIME: " . time . " !! " .
>> localtime(time) . "\n### CPU 5 sec " . $cpu{'fiveSec'} . "\n";
>> $exp->print_log_file($timestamp);
>> $exp->send("no pager\n");
>> $exp->send("sh proc\n");
>> $exp->send("sh conn\n");
>> $exp->send("sh resource usage\n");
>> $exp->expect(3,'sipsfw#');
>> }
>> $exp->send("exit\n"); #exit enable
>> $exp->expect(1);
>> $exp->send("exit\n"); #exit fw
>> $exp->expect(1);
>> $exp->send("exit\n"); #exit switch
>> $exp->expect(1);
>> $exp->print_log_file("\nEND\n");
>> $exp->soft_close();
>>
>> return(\%cpu);
>> } #end doExec
>>
>>
>> sub updateRRD {
>> my ($rrd,$meas_hashRef,$dataHashRef) = @_;
>> my $epoc = time;
>> my $data_string = '';
>> foreach my $cust (sort keys %$meas_hashRef) {
>> my $data = $$dataHashRef{$$meas_hashRef{$cust}} || 0;
>> print "Cust $cust: $data \n";
>> $data_string = $data_string . "$data:";
>> }
>>
>> $data_string =~ s/:$//g;
>> print "rrdtool update $rrd $epoc:$data_string\n";
>> RRDs::updatev $rrd, $epoc .":" . $data_string;
>> if (my $ERROR = RRDs::error) {
>> warn "$0: unable to update $rrd : $ERROR";
>> }
>> } #end sub
>>
>> sub createRRD {
>> my $starttime = time;
>> my $step = (5 * 60);
>> my ($rrd,$meas_hashRef) = @_;
>> print Dumper($meas_hashRef);
>> print "In createRRD: ($starttime,$rrd,$step,$meas_hashRef)\n";
>> my $DS_string = "$rrd --start $starttime --step $step ";
>> foreach(sort keys %{$meas_hashRef}) {
>> print "Key: $_\n";
>> $DS_string = $DS_string . "DS:$_:GAUGE:$step:U:U ";
>> }
>> $DS_string = $DS_string .
>> "RRA:AVERAGE:0.5:1:3000 " .
>> "RRA:MIN:0.5:1:3000 " .
>> "RRA:MAX:0.5:1:3000 " .
>> "RRA:LAST:0.5:1:3000 ";
>>
>> print "$DS_string\n";
>> my $return = `/usr/voip/bin/rrdtool create $DS_string`;
>> print $return;
>> my $ERROR = RRDs::error;
>> die "$0: unable to create $rrd : $ERROR" if $ERROR;
>>
>> }
>>
>> sub sendTrap {
>> my $cpu = shift;
>> foreach my $host (@trapCatchers) {
>> my ($session, $error) = Net::SNMP->session(
>> -hostname => $host,
>> -community => $comunity,
>> -version => 'snmpv1',
>> -port => 162
>> );
>>
>> if (!defined($session)) {
>> printf("ERROR: %s.\n", $error);
>> exit 1;
>> }
>>
>> my $svSvcName = '1.3.6.1.4.1.77.1.2.3.1.1';
>> my $message = "FWSM CPU TOO HIGH $cpu%";
>> my @oids = ($svSvcName, OCTET_STRING, $message);
>> #my @oids;
>> my $result = $session->trap(
>> -agentaddr => $monitor,
>> -varbindlist => \@oids
>> #-varbindlist => [$svSvcName, OCTET_STRING,
>> "$message"]
>> );
>>
>> if (!defined($result)) {
>> printf("ERROR: %s.\n", $session->error);
>> $session->close;
>>
>> exit 1;
>>
>> }
>>
>> $session->close;
>> print "Sent Trap \"$message\" to $host\n";
>> } #end foreach
>> } #end sub
>>
>>
> --
> Jason K. Brandt
> Systems Administrator
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140326/82f26a19/attachment.html>
More information about the bind-users
mailing list