We have some nameservers :-) that are used by quite a few thousands of people. Every now and then someone comes to us and complains that the DNS is responding slowly. Sometimes they are right, and we find the problem and fix it. But most of the time everything runs fine, and the DNS is not, in fact, responding slowly when that someone comes to complain. It turns out to be their PC, or a local network issue, or whatever.
So we have a homegrown system in place that watches the traffic to and from the nameservers, matches queries to answers, ignores everything else, and notes how long it was between the question going past and the answer going past in the opposite direction. It writes summarised information second by second into a database so we can see exactly when problems with response times happen, how long they happen for, and how bad they are when they happen. Our system has two faults (well, two that we are actually concerned about): It only watches UDP, and it can't deal with fragmented packets. So I was wondering if there is a better solution out there? Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (ka...@biplane.com.au) +61-2-64957160 (h) http://www.biplane.com.au/kauer/ +61-428-957160 (mob) GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687 Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users