tytso@ATHENA.MIT.EDU (Theodore Ts'o) (05/14/91)
Archive-name: internet/named/ninet/1991-05-13 Archive: net-dist.mit.edu:/tytso/ninit* [18.72.0.3] Original-posting-by: tytso@ATHENA.MIT.EDU (Theodore Ts'o) Original-subject: Re: DNS performance metering: a wish list for bind 4.8.4 Reposted-by: emv@msen.com (Edward Vielmetti, MSEN) This is what we do now to solve this problem; I've written a program called "ninit" which starts named in nofork mode and waits for it to exit. When it exits, ninit restarts a new named. In addition, every 5 minutes, ninit wakes up and sends a SIGIOT to named. This causes named to dump statistical information to /usr/tmp/named.stats. Every 60 seconds, ninit tries to do a name resolution using the local named. If it fails to get an answer back in some short amount of time, it kills the existing named and starts a new one. We are running this on the MIT nameservers and our mailhub. We find that it is extremely useful in catching named's that die mysteriously, or which get hung for some unknown reason. It's especially useful on our mailhub, since our mail queue will explode if we lose name resolution even for a short time. I also have the following entry in /etc/inetd.conf: nstats stream tcp nowait unswitched daemon /bin/cat cat /usr/tmp/named.stats ....and I also have a perl script which contacts all of the MIT nameservers and displays the named statistics in a tabular format: <tytso@tsx-11> {~} 39% named_stats bitsy : Mon May 13 13:32:21 1991 strawb : Mon May 13 13:32:55 1991 w20ns : Mon May 13 13:35:28 1991 lithium : Mon May 13 13:32:45 1991 bitsy strawb w20ns lithium TOTAL time since boot (secs) 5286 2042 1304 8334 time since reset (secs) 5286 2042 1304 8334 input packets 33762 12255 2356 22927 71300 output packets 34547 12430 2385 22933 72295 queries 16857 5891 2293 22801 47842 iqueries 1 0 0 0 1 duplicate queries 28 4 1 3 36 responses 16931 6431 63 126 23551 duplicate responses 83 27 3 15 128 OK answers 8075 2405 1234 8902 20616 FAIL answers 6268 2525 1055 13896 23744 FORMERR answers 12 0 0 0 12 system queries 46 39 3 1 89 prime cache calls 35 33 2 1 71 check_ns calls 1 1 1 1 4 bad responses dropped 11439 4317 2 0 15758 A queries 4925 1984 891 5343 13143 CNAME queries 4133 1372 499 9749 15753 SOA queries 0 1 0 0 1 MG queries 0 0 0 2 2 WKS queries 2 2 2 3 9 PTR queries 4950 1384 247 2991 9572 HINFO queries 0 1 3 15 19 MX queries 863 521 272 1819 3475 TXT queries 379 30 25 74 508 AXFR queries 2 0 0 0 2 ANY queries 1591 596 354 2805 5346 All told, it's a horrible kludge, but it gets the job done. If anyone is interested in the ninit program, let me know, and I get you a copy. - Ted P.S. Note the large number of FAIL answers; this is due to the domain searching misfeature that was introduced in a relatively recent version of the resolver. It causes hosts to try such hosts "athena.mit.edu.mit.edu" and "uunet.uu.net.mit.edu". The resolver won't try these silly names if people add a trailing period to hostnames, but most people don't bother to do that. Sigh.... (later message...) Wow.... I got a lot of requests asking for the ninit program, so I've packaged it up and made it available via anonymous FTP on the machine NET-DIST.MIT.EDU. The filename is ~ftp/tytso/ninit.tar. If you start using it in a production capacity, let me know. I sometimes get curious how far some of my hacks travel. :-) - Ted -- comp.archives file verification net-dist.mit.edu -rw-r--r-- 1 15806 0 24576 May 13 18:08 /tytso/ninit.tar found ninet ok net-dist.mit.edu:/tytso/ninit*