BIND 10 #2796: Add a counter for queries with RD=1
BIND 10 Development
do-not-reply at isc.org
Thu Jun 6 20:49:06 UTC 2013
#2796: Add a counter for queries with RD=1
-------------------------------------+-------------------------------------
 Reporter: y-aharen                  | Owner: jinmei
 Type: enhancement                   | Status: reviewing
 Priority: medium                    | Milestone: Sprint-20130611
 Component: b10-auth                 | Resolution:
 Keywords:                           | CVSS Scoring:
 Sensitive: 0                        | Defect Severity: N/A
 Sub-Project: DNS                    | Feature Depending on Ticket:
 Estimated Difficulty: 4             | Add Hours to Ticket: 0
 Total Hours: 0                      | Internal?: 0
-------------------------------------+-------------------------------------
Comment (by jinmei):
Replying to [comment:11 y-aharen]:
> > > > - Is there a reason for limiting this counter for queries?
> > > Yes. To monitor an authoritative server, I think it is interesting
> > > to count 'queries' with RD=1. They are "recursive queries": normally
> > > they will not be reached to authoritative servers.
> >
> > But in the normal case I suspect sensible requests of any type to
> > authoritative only servers, not only queries, don't have RD=1. So, in
> > that sense it'd be "interesting" to count any such abnormal requests.
> >
> > If the reason for the limit is that queries with RD=1 are quite likely
> > from stub resolvers (if not some deviant recursive servers) and would
> > be of particular interest (e.g. the server address may be listed in
> > some /etc/resolv.conf), that may make sense. But it's not really
> > obvious to me, and I'd like to see it explained somewhere, like in the
> > spec description or man page.
> I don't know accurate reason, but there are many "queries" (6.79% in .com
> according to https://ripe66.ripe.net/presentations/217-com-net-query-analysis-for-RIPE66-2013.pdf)
> with RD=1 arriving to authoritative servers. I thought I was
To be clear, I'm not necessarily objecting to limiting it, but the
above measurement can't itself explain why we should limit them to
queries. If, for example, there can be other valid reasons of getting
RD=1 for non-query type requests, then I see the point of having a
separate counter for queries. But (from a quick look) this
presentation only talks about queries, so it doesn't immediately
suggest the need for the limitation.
> suggested to count number of queries with RD on for b10-auth in #2157
At the time of #2157, I suspect we really didn't consider this level
of detail. Note also that in my response at bind10-dev
https://lists.isc.org/pipermail/bind10-dev/2013-May/004624.html
I said "As long as it's counted for requests with opcode == QUERY".
By this I (implicitly) meant "although I don't know why it should be
only for queries".
> and I thought it's reasonable to count for queries for some reason,
> including that I understood RD bit is effective for queries but not for
> updates nor notifies. Do you mean to describe some possibilities where
> the kind of requests come from in man page?
What I wanted to see is some explanation (maybe in the man page)
reading like: "note that the RD bit is not specific to queries
(requests of opcode 0), but this counter is limited to queries.
This is because <the reason, which I didn't understand yet>".
Again, I'm not objecting, just asking why you thought it should be
limited, and whatever the reason it wasn't obvious to me (and probably
to others too) so it's better to be documented.
Other changes look okay.
--
Ticket URL: <https://bind10.isc.org/ticket/2796#comment:12>
BIND 10 Development <http://bind10.isc.org>
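
An added example, not part of the ticket or of BIND 10's code: it tallies RD=1 requests per opcode from constructed DNS headers, showing how a counter limited to opcode QUERY differs from one covering every request type. The function names and result keys are hypothetical, not b10-auth statistics items.

```python
import struct
from collections import Counter

# Opcode values from the DNS header; anything else is reported as OPCODE<n>.
OPCODES = {0: "QUERY", 4: "NOTIFY", 5: "UPDATE"}

def header(msg_id, opcode, rd, qr=0):
    """Build a 12-byte DNS header with empty sections (constructed input)."""
    flags = (qr << 15) | (opcode << 11) | (rd << 8)
    return struct.pack("!HHHHHH", msg_id, flags, 0, 0, 0, 0)

def count_rd(messages):
    """Tally requests with RD=1 per opcode; count packets too short to parse."""
    counts = Counter()
    for wire in messages:
        if len(wire) < 12:           # no complete header to inspect
            counts["malformed"] += 1
            continue
        flags = struct.unpack_from("!H", wire, 2)[0]
        if flags & 0x8000:           # QR=1: a response, not a request
            continue
        if flags & 0x0100:           # RD bit, present in every DNS header
            opcode = (flags >> 11) & 0xF
            counts[OPCODES.get(opcode, f"OPCODE{opcode}")] += 1
    return counts

def summarize(messages):
    """Return the query-only counter next to the all-requests view."""
    per_opcode = count_rd(messages)
    malformed = per_opcode.pop("malformed", 0)
    return {
        "query_only": per_opcode["QUERY"],
        "all_requests": sum(per_opcode.values()),
        "per_opcode": dict(per_opcode),
        "malformed": malformed,
    }

# Constructed sample traffic for an authoritative-only server.
SAMPLES = [
    header(1, 0, rd=1),        # query with RD=1 (e.g. from a stub resolver)
    header(2, 0, rd=0),        # ordinary iterative query
    header(3, 0, rd=1),
    header(4, 4, rd=1),        # NOTIFY that happens to carry RD=1
    header(5, 5, rd=0),        # UPDATE without RD
    header(6, 0, rd=1, qr=1),  # response, ignored
    b"\x00\x07\x01",           # truncated packet
]

if __name__ == "__main__":
    print(summarize(SAMPLES))
```
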