1

If you're not running your own dns server (or if you must run your own to do this assume you are) how would you measure how many DNS queries per second you get for your domain?
Is there anyway to tell if a web request came using your DNS server as the authoritative source or a cached result?

The idea is to be able to tell if you are adequately able to meet demand with your existing DNS server.

dlamblin
  • 929
  • 2
  • 10
  • 20
  • Your question is vague, which led me to post an answer that you didn't like. Next time be specific and tell us who hosts your DNS so we can give you an accurate answer. – joeqwerty Oct 01 '09 at 11:42
  • dlamblin, you're smacking people for their answers but in fairness you didn't specifiy who hosts your DNS and I offer this statement from your question as proof that your question is vague and hypothetical: "(or if you must run your own to do this assume you are)". So stop smacking people and downvoting them because you don't like their answers. Next time be specific and tell us who hosts your DNS and don't post a question that can be misunderstood or misintepreted. – joeqwerty Oct 01 '09 at 12:34
  • Ok, either you are, or are not running your own DNS server. Which is it? If you are not, and do not have at least a trust relationship established with it, there is no way to tell. A similar question would be "What number am I thinking of?" .. you have no way of knowing. – Tim Post Oct 02 '09 at 02:48
  • @all; wow I never down-voted anyone here. So don't whine if someone else did. I think my question is clear, I am not currently running my own DNS server, but I am interested in measuring the number of requests. If I can only measure the number of requests by running my own, then I will. I understand that allows for two different answers. – dlamblin Oct 02 '09 at 18:42

4 Answers4

4

Short answer: In your situation you have no way of telling.

If you have DNS hosted for you I would suggest contacting the hosting provider to discuss the matter. It's pretty certain they won't be prepared to give you access to the logs or any other real information but they should at least be able to give you an indication of whether their system is coping well of not. I imagine their system is providing DNS for other customers as well as yourself, so if it wasn't keeping pace they would be getting complaints.

John Gardeniers
  • 27,262
  • 12
  • 53
  • 108
2

If you do run the DNS server, I prefer joeqwerty's solution (a capture program like DSC) to tinkertim's solution (tuen on query logging) because query logging is:

  • DNS server software dependant
  • slows down the name server

In any case, whether you run the DNS server or not, no, you cannot say what happened at the client side. If your name server receives a DNS request, you can be reasonably sure it means it wxs not in the cache at the other side. If you don't receive the request, you know nothing.

bortzmeyer
  • 3,903
  • 1
  • 20
  • 24
1

Run a packet capture program on the DNS server, start a capture and filter for only DNS, run the capture for an hour, calculate from the data collected in the capture.

AFAIK, there's no way to know how a client resolved a DNS lookup unless you run a packet capture on the client.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • It's not possible to capture packets if the server is run by my webhost is it? – dlamblin Oct 01 '09 at 04:44
  • He didn't say who was running the DNS for him. Look at his question again: "If you're not running your own dns server (or if you must run your own to do this assume you are)" So clearly he's not saying who is hosting his DNS and he's asking how to measure DNS queries and I told him how. – joeqwerty Oct 01 '09 at 11:36
  • Sorry dlamblin, didn't catch that you were the one who commented But to rephrase your question the way I understood it you asked "How do I do this if I don't run my own DNS, or do I need to run my own DNS to do this?" and I gave you a valid answer. So 1 downvote for you for being vague in your question and not specifying who was hosting your DNS. – joeqwerty Oct 01 '09 at 11:41
0

While this slows down the server (a tiny bit), you can simply turn on query logging. This produces a log of queries with timestamp .. after that its relatively easy to take averages over periods of time.

Its rather easy to do in most versions of BIND, not sure about others. I use the same thing to police some DNS servers that we have no choice but to allow almost wide open recursion.

Tim Post
  • 1,515
  • 13
  • 25