[rlug] Re: Determinare size cerere DNS

Sorin CONSTANTINESCU Sun, 21 Mar 2004 10:38:17 -0800

Salut,

Radu Filip wrote:
> Salut,
> 
> am nevoie sa calculez dimensiunea medie a unui request DNS (cerere si
> raspuns). M-am gandit sa loghez cu tcmdump traficul pentru o perioada de
> timp data si apoi sa fac media size-urillor requesturilor:
> 
> # tcpdump -nn -i eth0 | egrep -i "\.53(\ >|: )


mai bine foloseste tcpdump -nni eth0 udp and port 53

> 09:45:46.054966 a.b.c.d.53 > x.y.z.t.53:  35065 1/11/12 (513) (DF)
> 09:45:46.099954 a.b.c.d.53 > x.y.z.t.53:  39837 NXDomain 0/1/1 (110) (DF)
> 09:45:46.225132 x.y.z.t.53 > 206.191.0.210.53:  5392+ [1au] PTR? 
> 148.142.109.220.in-addr.arpa. (57)
> 09:45:46.745089 x.y.z.t.53 > 64.105.124.154.32770:  7511*- 1/2/3 A x.y.z.t (137)
> 09:45:47.945265 x.y.z.t.53 > 210.138.175.244.53:  1323 [1au] A? 
> mcn-ns1.miyazaki-catv.ne.jp. (56)
> 09:45:47.945361 x.y.z.t.53 > 210.138.175.244.53:  26323 [1au] A? 
> mcn-ns2.miyazaki-catv.ne.jp. (56)
> 09:45:47.945382 x.y.z.t.53 > a.b.c.d.53:  63479+ [1au] PTR? 
> 52.68.105.219.in-addr.arpa. (55)
> 09:45:47.945420 x.y.z.t.53 > 210.138.175.244.53:  62514 [1au] A? 
> mcn-ns3.miyazaki-catv.ne.jp. (56)
> 09:45:47.976022 210.138.175.244.53 > x.y.z.t.53:  26323-% 0/3/4 (162)
> 09:45:47.976025 210.138.175.244.53 > x.y.z.t.53:  1323-% 0/3/4 (162)
> 09:45:47.976522 210.138.175.244.53 > x.y.z.t.53:  62514-% 0/3/4 (162)
> 09:45:47.977423 x.y.z.t.53 > a.b.c.d.53:  64025+ [1au] A? 
> mcn-ns2.miyazaki-catv.ne.jp. (56)
> 09:45:47.977455 x.y.z.t.53 > a.b.c.d.53:  62921+ [1au] A? 
> mcn-ns1.miyazaki-catv.ne.jp. (56)
> 09:45:47.977764 x.y.z.t.53 > a.b.c.d.53:  22677+ [1au] A? 
> mcn-ns3.miyazaki-catv.ne.jp. (56)
> 09:45:48.245117 x.y.z.t.53 > 210.138.175.244.53:  57033 [1au] PTR? 
> 148.142.109.220.in-addr.arpa. (57)
> 09:45:48.275959 210.138.175.244.53 > x.y.z.t.53:  57033-% 0/3/4 (184)
> 09:45:48.276889 x.y.z.t.53 > a.b.c.d.53:  60245+ [1au] PTR? 
> 148.142.109.220.in-addr.arpa. (57)
> 09:45:49.771152 x.y.z.t.53 > a.b.c.d.53:  7081+ [1au] PTR? 
> 139.116.188.205.in-addr.arpa. (57)
> 09:45:49.804602 a.b.c.d.53 > x.y.z.t.53:  7081 1/2/3 (176) (DF)
> [...]
> 
> unde x.y.z.t e serverul meu (pe care fac DNS caching) si a.b.c.d este
> serverul meu de DNS.
> 
> Nu sunt sigur daca valoarea din campul 5 (35065, 39837, ...) reprezinta
> dimeansiunea in bytes a cererii sau nu. Daca nu, cum fac sa am afisat si 
> dimensiunea totala in bytes a requestului, inclusiv dimensiunea 
> header-ului pachetului de IP?

dimensiunea este aia din campul 7 (ala cu paranteze rotunde).

> 
> Mersi.
> 

-- 
Sorin CONSTANTINESCU
[EMAIL PROTECTED]
Linux Registered User #222086



--- 
Detalii despre listele noastre de mail: http://www.lug.ro/

[rlug] Re: Determinare size cerere DNS

Raspunde prin e-mail lui