dnsdist drops packet

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

dnsdist drops packet

Federico87
Hi all,

I have a raspberry that is running dnsdist with this configuration:

newServer{address="192.168.0.3:53"}
newServer{address="127.0.0.1:5300", pool="abuse"}
addPoolRule({"wpad.domain.name"}, "abuse")
webserver("192.168.0.2:8083", "supersecret")
addACL("0.0.0.0/0")
addACL("::/0")
carbonServer('37.252.122.50', 'raspi-836', 30)

I don't know why, but on webserver I can see some packets dropped from the primary server and I don't understand the reason why. There is not any queries rate for that server 

#NameAddressStatusQueriesDropsQPSOutWeightOrderPools
0192.168.0.3:53up24108672011
1127.0.0.1:5300up10100011abuse

Do you have any idea why there are some dropped packets?

Also, I added this line of conf. I could see the queries to goolge but I could see also the queries to a.root server. Seems that the command does not overwrite the default one. Is it the aspect  behaviour?  

newServer {address="192.168.0.3", checkType="A", checkName="www.google.com.", mustResolve=true}

Last question: I added the carbon server. I can see the server on https://metronome1.powerdns.com/ but no one graph is plotted

Thank you for your time.

BTW, dnsdist seems very useful and powerful!!! 

Federico


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: dnsdist drops packet

Federico87

Hi guys,

Nobody has any clue for this? I woukd try to understand why dnsdist shows some dropped packets. There is any debug that can help me to understand why it os happen?

Thanks and Merry Christmas!!!

Federico

On 18 Dec 2015 14:22, "Federico Olivieri" <[hidden email]> wrote:
Hi all,

I have a raspberry that is running dnsdist with this configuration:

newServer{address="192.168.0.3:53"}
newServer{address="127.0.0.1:5300", pool="abuse"}
addPoolRule({"wpad.domain.name"}, "abuse")
webserver("192.168.0.2:8083", "supersecret")
addACL("0.0.0.0/0")
addACL("::/0")
carbonServer('37.252.122.50', 'raspi-836', 30)

I don't know why, but on webserver I can see some packets dropped from the primary server and I don't understand the reason why. There is not any queries rate for that server 

#NameAddressStatusQueriesDropsQPSOutWeightOrderPools
0192.168.0.3:53up24108672011
1127.0.0.1:5300up10100011abuse

Do you have any idea why there are some dropped packets?

Also, I added this line of conf. I could see the queries to goolge but I could see also the queries to a.root server. Seems that the command does not overwrite the default one. Is it the aspect  behaviour?  

newServer {address="192.168.0.3", checkType="A", checkName="www.google.com.", mustResolve=true}

Last question: I added the carbon server. I can see the server on https://metronome1.powerdns.com/ but no one graph is plotted

Thank you for your time.

BTW, dnsdist seems very useful and powerful!!! 

Federico


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: dnsdist drops packet

bert hubert-3
On Sat, Dec 19, 2015 at 01:20:35PM +0000, Federico Olivieri wrote:
> Nobody has any clue for this? I woukd try to understand why dnsdist shows
> some dropped packets. There is any debug that can help me to understand why
> it os happen?

This is drops caused by your backends, so we forwarded a query, to a DNS
backend and it did not respond. Run with -v to get verbose logging which
queries these are.

Also, please use the dnsdist mailinglist:
http://mailman.powerdns.com/mailman/listinfo/dnsdist

Thanks!

        Bert


>
> Thanks and Merry Christmas!!!
>
> Federico
> On 18 Dec 2015 14:22, "Federico Olivieri" <[hidden email]> wrote:
>
> > Hi all,
> >
> > I have a raspberry that is running dnsdist with this configuration:
> >
> > newServer{address="192.168.0.3:53"}
> > newServer{address="127.0.0.1:5300", pool="abuse"}
> > addPoolRule({"wpad.domain.name"}, "abuse")
> > webserver("192.168.0.2:8083", "supersecret")
> > addACL("0.0.0.0/0")
> > addACL("::/0")
> > carbonServer('37.252.122.50', 'raspi-836', 30)
> >
> > I don't know why, but on webserver I can see some packets dropped from the
> > primary server and I don't understand the reason why. There is not any
> > queries rate for that server
> >
> > #NameAddressStatusQueriesDropsQPSOutWeightOrderPools0192.168.0.3:53up24108
> > 6720111127.0.0.1:5300up10100011abuse
> >
> > Do you have any idea why there are some dropped packets?
> >
> > Also, I added this line of conf. I could see the queries to goolge but I
> > could see also the queries to a.root server. Seems that the command does
> > not overwrite the default one. Is it the aspect  behaviour?
> >
> > newServer {address="192.168.0.3", checkType="A", checkName="www.google.com.",
> > mustResolve=true}
> >
> > Last question: I added the carbon server. I can see the server on
> > https://metronome1.powerdns.com/ but no one graph is plotted
> >
> > Thank you for your time.
> >
> > BTW, dnsdist seems very useful and powerful!!!
> >
> > Federico
> >
> >

> _______________________________________________
> Pdns-users mailing list
> [hidden email]
> http://mailman.powerdns.com/mailman/listinfo/pdns-users


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: dnsdist drops packet

Aleš Rygl
In reply to this post by Federico87

Hi Frederico,

 

I am experiencig this as well:

 

showServers()

# Name Address State Qps Qlim Ord Wt Queries Drops Drate Lat Pools

0 rzt-entdns3 93.153.116.35:53 up 0.0 1000 1 1 1547610 7186 0.0 72.7

1 rzt-entdns2 127.0.0.1:53 up 1.0 1000 1 1 1548253 7379 0.0 81.2

All 0.0 3095863 14565

 

Could't the drops be caused by downstream server responding too late because of SERVFAIL when resolving a particular domain?

 

Regards

Ales

 

 

On Saturday 19 of December 2015 13:20:35 Federico Olivieri wrote:

> Hi guys,

>

> Nobody has any clue for this? I woukd try to understand why dnsdist shows

> some dropped packets. There is any debug that can help me to understand why

> it os happen?

>

> Thanks and Merry Christmas!!!

>

> Federico

>

> On 18 Dec 2015 14:22, "Federico Olivieri" <[hidden email]> wrote:

> > Hi all,

> >

> > I have a raspberry that is running dnsdist with this configuration:

> >

> > newServer{address="192.168.0.3:53"}

> > newServer{address="127.0.0.1:5300", pool="abuse"}

> > addPoolRule({"wpad.domain.name"}, "abuse")

> > webserver("192.168.0.2:8083", "supersecret")

> > addACL("0.0.0.0/0")

> > addACL("::/0")

> > carbonServer('37.252.122.50', 'raspi-836', 30)

> >

> > I don't know why, but on webserver I can see some packets dropped from the

> > primary server and I don't understand the reason why. There is not any

> > queries rate for that server

> >

> > #NameAddressStatusQueriesDropsQPSOutWeightOrderPools0192.168.0.3:53up24108

> > 6720111127.0.0.1:5300up10100011abuse

> >

> > Do you have any idea why there are some dropped packets?

> >

> > Also, I added this line of conf. I could see the queries to goolge but I

> > could see also the queries to a.root server. Seems that the command does

> > not overwrite the default one. Is it the aspect behaviour?

> >

> > newServer {address="192.168.0.3", checkType="A",

> > checkName="www.google.com.", mustResolve=true}

> >

> > Last question: I added the carbon server. I can see the server on

> > https://metronome1.powerdns.com/ but no one graph is plotted

> >

> > Thank you for your time.

> >

> > BTW, dnsdist seems very useful and powerful!!!

> >

> > Federico

 


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: dnsdist drops packet

bert hubert-3
On Sat, Dec 19, 2015 at 04:11:57PM +0100, Aleš Rygl wrote:
> #   Name                 Address                       State     Qps    Qlim Ord Wt    Queries   Drops Drate   Lat Pools
> 0   rzt-entdns3          93.153.116.35:53                 up     0.0    1000   1  1    1547610    7186   0.0  72.7
> 1   rzt-entdns2          127.0.0.1:53                     up     1.0    1000   1  1    1548253    7379   0.0  81.2
> All                                                              0.0                   3095863   14565  
>
> Could't the drops be caused by downstream server responding too late because of SERVFAIL when resolving a particular domain?

Could be, we have the infrastructure to give insight into that but we don't
make it easy yet:

> grepq(".")
Time    Client                                          ID    Name                      Type  Lat. TC RD AA Rcode
-25.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
-21.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
-20.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
-16.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
-15.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
-11.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers

This "knows" about timeouts to backends, but we don't make it easy to "grep" for them.

Will add this as a feature.

        Bert

>
> Regards
> Ales
>
>
> On Saturday 19 of December 2015 13:20:35 Federico Olivieri wrote:
> > Hi guys,
> >
> > Nobody has any clue for this? I woukd try to understand why dnsdist shows
> > some dropped packets. There is any debug that can help me to understand why
> > it os happen?
> >
> > Thanks and Merry Christmas!!!
> >
> > Federico
> >
> > On 18 Dec 2015 14:22, "Federico Olivieri" <[hidden email]> wrote:
> > > Hi all,
> > >
> > > I have a raspberry that is running dnsdist with this configuration:
> > >
> > > newServer{address="192.168.0.3:53"}
> > > newServer{address="127.0.0.1:5300", pool="abuse"}
> > > addPoolRule({"wpad.domain.name"}, "abuse")
> > > webserver("192.168.0.2:8083", "supersecret")
> > > addACL("0.0.0.0/0")
> > > addACL("::/0")
> > > carbonServer('37.252.122.50', 'raspi-836', 30)
> > >
> > > I don't know why, but on webserver I can see some packets dropped from the
> > > primary server and I don't understand the reason why. There is not any
> > > queries rate for that server
> > >
> > > #NameAddressStatusQueriesDropsQPSOutWeightOrderPools0192.168.0.3:53up24108
> > > 6720111127.0.0.1:5300up10100011abuse
> > >
> > > Do you have any idea why there are some dropped packets?
> > >
> > > Also, I added this line of conf. I could see the queries to goolge but I
> > > could see also the queries to a.root server. Seems that the command does
> > > not overwrite the default one. Is it the aspect  behaviour?
> > >
> > > newServer {address="192.168.0.3", checkType="A",
> > > checkName="www.google.com.", mustResolve=true}
> > >
> > > Last question: I added the carbon server. I can see the server on
> > > https://metronome1.powerdns.com/ but no one graph is plotted
> > >
> > > Thank you for your time.
> > >
> > > BTW, dnsdist seems very useful and powerful!!!
> > >
> > > Federico
>

> _______________________________________________
> Pdns-users mailing list
> [hidden email]
> http://mailman.powerdns.com/mailman/listinfo/pdns-users


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: [dnsdist] dnsdist drops packet

bert hubert-3
On Sat, Dec 19, 2015 at 04:34:11PM +0100, bert hubert wrote:
> Could be, we have the infrastructure to give insight into that but we don't
> make it easy yet:

Hi Aleš,

As of right now (the packages that are building now), you can do:

grepq("3000ms")

And get all timeouts. It also shows you which downstream caused the timeout.

> grepq("3000ms")
Time    Client                                          Server       ID    Name                      Type  Lat.   TC RD AA Rcode
-67.0   127.0.0.1:44898                                 8.8.4.4:53   1853  ds9a.com.                 A     3433.1    RD    No Error. 1 answers
-54.5   127.0.0.1:41892                                 8.8.4.4:53   32463 ezdns.it.                 A     T.O             No Error. 0 answers
-49.3   127.0.0.1:41892                                 8.8.4.4:53   32463 ezdns.it.                 A     T.O             No Error. 0 answers
-44.2   127.0.0.1:41892                                 8.8.4.4:53   32463 ezdns.it.                 A     T.O             No Error. 0 answers

Or use topSlow():
> topSlow()
   1  ezdns.it.                                   3 75.0%
   2  ds9a.com.                                   1 25.0%
   3  Rest                                        0  0.0%

You can also do topSlow(10, 4000) to get everything slower than 4000
milliseconds, or even topSlow(10, 4000, 1) which will group everything by
tld.

Can you let us know if this is what you need?

        Bert


>
> > grepq(".")
> Time    Client                                          ID    Name                      Type  Lat. TC RD AA Rcode
> -25.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
> -21.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
> -20.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
> -16.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
> -15.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
> -11.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
>
> This "knows" about timeouts to backends, but we don't make it easy to "grep" for them.
>
> Will add this as a feature.
>
> Bert
>
> >
> > Regards
> > Ales
> >
> >
> > On Saturday 19 of December 2015 13:20:35 Federico Olivieri wrote:
> > > Hi guys,
> > >
> > > Nobody has any clue for this? I woukd try to understand why dnsdist shows
> > > some dropped packets. There is any debug that can help me to understand why
> > > it os happen?
> > >
> > > Thanks and Merry Christmas!!!
> > >
> > > Federico
> > >
> > > On 18 Dec 2015 14:22, "Federico Olivieri" <[hidden email]> wrote:
> > > > Hi all,
> > > >
> > > > I have a raspberry that is running dnsdist with this configuration:
> > > >
> > > > newServer{address="192.168.0.3:53"}
> > > > newServer{address="127.0.0.1:5300", pool="abuse"}
> > > > addPoolRule({"wpad.domain.name"}, "abuse")
> > > > webserver("192.168.0.2:8083", "supersecret")
> > > > addACL("0.0.0.0/0")
> > > > addACL("::/0")
> > > > carbonServer('37.252.122.50', 'raspi-836', 30)
> > > >
> > > > I don't know why, but on webserver I can see some packets dropped from the
> > > > primary server and I don't understand the reason why. There is not any
> > > > queries rate for that server
> > > >
> > > > #NameAddressStatusQueriesDropsQPSOutWeightOrderPools0192.168.0.3:53up24108
> > > > 6720111127.0.0.1:5300up10100011abuse
> > > >
> > > > Do you have any idea why there are some dropped packets?
> > > >
> > > > Also, I added this line of conf. I could see the queries to goolge but I
> > > > could see also the queries to a.root server. Seems that the command does
> > > > not overwrite the default one. Is it the aspect  behaviour?
> > > >
> > > > newServer {address="192.168.0.3", checkType="A",
> > > > checkName="www.google.com.", mustResolve=true}
> > > >
> > > > Last question: I added the carbon server. I can see the server on
> > > > https://metronome1.powerdns.com/ but no one graph is plotted
> > > >
> > > > Thank you for your time.
> > > >
> > > > BTW, dnsdist seems very useful and powerful!!!
> > > >
> > > > Federico
> >
>
> > _______________________________________________
> > Pdns-users mailing list
> > [hidden email]
> > http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
> _______________________________________________
> dnsdist mailing list
> [hidden email]
> http://mailman.powerdns.com/mailman/listinfo/dnsdist

_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: [dnsdist] dnsdist drops packet

Federico87
Hi,

Just a question from my side. There is any way to understand, from the total count of packet dropped, how many packets have been dropped for SERVFAIL?

Thank You

Federico

2016-01-04 18:14 GMT+00:00 bert hubert <[hidden email]>:
On Sat, Dec 19, 2015 at 04:34:11PM +0100, bert hubert wrote:
> Could be, we have the infrastructure to give insight into that but we don't
> make it easy yet:

Hi Aleš,

As of right now (the packages that are building now), you can do:

grepq("3000ms")

And get all timeouts. It also shows you which downstream caused the timeout.

> grepq("3000ms")
Time    Client                                          Server       ID    Name                      Type  Lat.   TC RD AA Rcode
-67.0   127.0.0.1:44898                                 8.8.4.4:53   1853  ds9a.com.                 A     3433.1    RD    No Error. 1 answers
-54.5   127.0.0.1:41892                                 8.8.4.4:53   32463 ezdns.it.                 A     T.O             No Error. 0 answers
-49.3   127.0.0.1:41892                                 8.8.4.4:53   32463 ezdns.it.                 A     T.O             No Error. 0 answers
-44.2   127.0.0.1:41892                                 8.8.4.4:53   32463 ezdns.it.                 A     T.O             No Error. 0 answers

Or use topSlow():
> topSlow()
   1  ezdns.it.                                   3 75.0%
   2  ds9a.com.                                   1 25.0%
   3  Rest                                        0  0.0%

You can also do topSlow(10, 4000) to get everything slower than 4000
milliseconds, or even topSlow(10, 4000, 1) which will group everything by
tld.

Can you let us know if this is what you need?

        Bert


>
> > grepq(".")
> Time    Client                                          ID    Name                      Type  Lat. TC RD AA Rcode
> -25.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
> -21.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
> -20.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
> -16.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
> -15.0   127.0.0.1:59117                                 13086 ds9a.nl.                  A             RD    Question
> -11.2   127.0.0.1:59117                                 0     ds9a.nl.                  A     0.0           No Error. 0 answers
>
> This "knows" about timeouts to backends, but we don't make it easy to "grep" for them.
>
> Will add this as a feature.
>
>       Bert
>
> >
> > Regards
> > Ales
> >
> >
> > On Saturday 19 of December 2015 13:20:35 Federico Olivieri wrote:
> > > Hi guys,
> > >
> > > Nobody has any clue for this? I woukd try to understand why dnsdist shows
> > > some dropped packets. There is any debug that can help me to understand why
> > > it os happen?
> > >
> > > Thanks and Merry Christmas!!!
> > >
> > > Federico
> > >
> > > On 18 Dec 2015 14:22, "Federico Olivieri" <[hidden email]> wrote:
> > > > Hi all,
> > > >
> > > > I have a raspberry that is running dnsdist with this configuration:
> > > >
> > > > newServer{address="192.168.0.3:53"}
> > > > newServer{address="127.0.0.1:5300", pool="abuse"}
> > > > addPoolRule({"wpad.domain.name"}, "abuse")
> > > > webserver("192.168.0.2:8083", "supersecret")
> > > > addACL("0.0.0.0/0")
> > > > addACL("::/0")
> > > > carbonServer('37.252.122.50', 'raspi-836', 30)
> > > >
> > > > I don't know why, but on webserver I can see some packets dropped from the
> > > > primary server and I don't understand the reason why. There is not any
> > > > queries rate for that server
> > > >
> > > > #NameAddressStatusQueriesDropsQPSOutWeightOrderPools0192.168.0.3:53up24108
> > > > 6720111127.0.0.1:5300up10100011abuse
> > > >
> > > > Do you have any idea why there are some dropped packets?
> > > >
> > > > Also, I added this line of conf. I could see the queries to goolge but I
> > > > could see also the queries to a.root server. Seems that the command does
> > > > not overwrite the default one. Is it the aspect  behaviour?
> > > >
> > > > newServer {address="192.168.0.3", checkType="A",
> > > > checkName="www.google.com.", mustResolve=true}
> > > >
> > > > Last question: I added the carbon server. I can see the server on
> > > > https://metronome1.powerdns.com/ but no one graph is plotted
> > > >
> > > > Thank you for your time.
> > > >
> > > > BTW, dnsdist seems very useful and powerful!!!
> > > >
> > > > Federico
> >
>
> > _______________________________________________
> > Pdns-users mailing list
> > [hidden email]
> > http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
> _______________________________________________
> dnsdist mailing list
> [hidden email]
> http://mailman.powerdns.com/mailman/listinfo/dnsdist

_______________________________________________
dnsdist mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/dnsdist


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
Reply | Threaded
Open this post in threaded view
|

Re: [dnsdist] dnsdist drops packet

Aleš Rygl
In reply to this post by bert hubert-3
Hi Bert,

sorry for my late response.  All these new traffic inspection features looks
great! Thanks. I gave to go through the updated README.

Regards
Ales

On Monday 04 of January 2016 19:14:34 bert hubert wrote:

> On Sat, Dec 19, 2015 at 04:34:11PM +0100, bert hubert wrote:
> > Could be, we have the infrastructure to give insight into that but we
> > don't
>
> > make it easy yet:
> Hi Aleš,
>
> As of right now (the packages that are building now), you can do:
>
> grepq("3000ms")
>
> And get all timeouts. It also shows you which downstream caused the timeout.
> > grepq("3000ms")
>
> Time    Client                                          Server       ID  
> Name                      Type  Lat.   TC RD AA Rcode -67.0  
> 127.0.0.1:44898                                 8.8.4.4:53   1853
> ds9a.com.                 A     3433.1    RD    No Error. 1 answers -54.5  
> 127.0.0.1:41892                                 8.8.4.4:53   32463
> ezdns.it.                 A     T.O             No Error. 0 answers -49.3  
> 127.0.0.1:41892                                 8.8.4.4:53   32463
> ezdns.it.                 A     T.O             No Error. 0 answers -44.2  
> 127.0.0.1:41892                                 8.8.4.4:53   32463
> ezdns.it.                 A     T.O             No Error. 0 answers
> Or use topSlow():
> > topSlow()
>
>    1  ezdns.it.                                   3 75.0%
>    2  ds9a.com.                                   1 25.0%
>    3  Rest                                        0  0.0%
>
> You can also do topSlow(10, 4000) to get everything slower than 4000
> milliseconds, or even topSlow(10, 4000, 1) which will group everything by
> tld.
>
> Can you let us know if this is what you need?
>
> Bert
>


_______________________________________________
Pdns-users mailing list
[hidden email]
http://mailman.powerdns.com/mailman/listinfo/pdns-users