Bind 9.6 - DNS statistics

Templates, scripts for templates, scripts and requests for templates.

Moderators: Moderators, Developers

Author
Message
niobe
Cacti User
Posts: 228
Joined: Mon Mar 10, 2008 6:52 pm
Location: Australia

Bind 9.6 - DNS statistics

#1 Post by niobe » Fri Mar 18, 2011 4:25 am

Hi Folks,

I've created a script and set of templates to retrieve stats from a server running Bind 9.6.

These are loosely based on the methods in Image for Bind 9.5, but pretty much everything has changed to work with the new version and to make use of the extra statistics available. I use the scp method to avoid having to set up snmpd on your name servers. The bind 9.5 templates relied on the cacti server causing stats to be generated. This could lead to inconsistent stats depending on when the poller decided to run this script - it wouldn't be exactly 1 poller interval every time. In this version the name server itself must be setup to generate stats (instructions below).

There are 3 graphs, all display in queries or responses per second:
  • Record type of incoming queries (server activity)
    incoming_queries.png
    Incoming Queries
    incoming_queries.png (88.07 KiB) Viewed 23322 times
    Record type of outgoing queries (resolver activity)
    outgoing_queries.png
    Outgoing Queries
    outgoing_queries.png (72.32 KiB) Viewed 23322 times
    Response type of answered queries
    answered_queries.png
    Answered Queries
    answered_queries.png (45.44 KiB) Viewed 23322 times
SETUP

1) Generate stats file
The most important part is to generate the stats file on your bind server.
The script expects that you will run 'rndc stats' once every cacti polling cycle, truncating or deleting the existing file not appending to it.
This is to keep the file small and lean as it is copied every poller cycle. By default bind appends to the stats file.
The easist way to do this is create a small shell script and put it in your name servers crontab. It need only have 3 lines really:

Code: Select all

#!/bin/sh
rm /var/named/stats/named.stats
rndc stats
2) Public key auth for remote SSH
The user running the cacti poller on your cacti server must be able to ssh (scp) to the name server and retrieve the stats file.
Cacti's poller can't respond to a password prompt so you must setup public key authentication. This is easier than it sounds as most ssh servers will be setup for this by default.
However you need to run 'ssh-keygen' on the cacti server as the poller user. Hit enter at each prompt for defaults.
Now append the contents of '/home/<cacti_poller_user>/.ssh/id_rsa.pub' to '/home/<remote_ssh_user>/.ssh/authorized_keys' on the name server. Careful of extra new lines in there!
Try logging in with 'ssh <name_server>'. There are some pitfalls to setting this up such as permissions of the authorized_keys file, but I won't detail everything here.

3) Install TCL
The script is TCL based, so you will need to install TCL 8.4+ if it's not part of your cacti server's distribution, e.g.

Code: Select all

yum install tcl
After that move the .tcl file to <cacti_dir>/scripts and import the templates.

4) Test script
Test the script by running it manually under the same user as the cacti poller:

Code: Select all

tclsh /var/www/cacti/scripts/bind96-stats.tcl -h <name_server_ip> -u <remote_ssh_user> -r in
tclsh /var/www/cacti/scripts/bind96-stats.tcl -h <name_server_ip> -u <remote_ssh_user> -r out
tclsh /var/www/cacti/scripts/bind96-stats.tcl -h <name_server_ip> -u <remote_ssh_user> -r misc
This should highlight any path or permissions issues. You should also to check to see that the stats file is actually being regenerated every 1 or 5 minutes (depending on your polling cycle).

5) Debug NANs
If some but not all lines in the graph legend show NANs the most likely cause is that your server is not returning stats for these items.
Say you see a NAN under outcoming HINFO queries.. Run the script manually and check there is some output for QUERIES_OUT_HINFO:

Code: Select all

tclsh /var/www/cacti/scripts/bind96-stats.tcl -h 10.203.22.28 -u netman -r out
TOTAL_QUERIES:12448274 TOTAL_NOTIFIES:7 TOTAL_UPDATES:147 QUERIES_OUT_A:3000925 QUERIES_OUT_CNAME:3918 QUERIES_OUT_SOA:1865 QUERIES_OUT_PTR:108987 QUERIES_OUT_MX:55196 QUERIES_OUT_TXT:774220 QUERIES_OUT_AFSDB:1 QUERIES_OUT_AAAA:1497841 QUERIES_OUT_SRV:10847 QUERIES_OUT_SPF:376 QUERIES_OUT_ANY:278
In this case it is missing. This will cause the graph totals to also display NAN, so we need to fix this somehow without affecting the graph template (as other hosts may be reporting this stat fine)..

<fix>

Any comments/difficulties let me know.

0.2 - script update to handle multiple hosts better, minor graph updates.

cheers,
N
Attachments
cacti-bind96-stats-v0.2.zip
Script and templates
(30.95 KiB) Downloaded 1730 times
Last edited by niobe on Fri Mar 18, 2011 9:25 pm, edited 5 times in total.

joelserrano
Posts: 6
Joined: Fri Mar 11, 2011 7:09 am

Re: Bind 9.6 - DNS statistics

#2 Post by joelserrano » Fri Mar 18, 2011 4:45 am

Hi niobe,

Would it be possible for you to add "per domain" statistics also?

Thanks!

niobe
Cacti User
Posts: 228
Joined: Mon Mar 10, 2008 6:52 pm
Location: Australia

Re: Bind 9.6 - DNS statistics

#3 Post by niobe » Fri Mar 18, 2011 4:58 am

I can certainly take a look. Can you show me the part of the stats file you are interested in?

niobe
Cacti User
Posts: 228
Joined: Mon Mar 10, 2008 6:52 pm
Location: Australia

Re: Bind 9.6 - DNS statistics

#4 Post by niobe » Fri Mar 18, 2011 9:26 pm

v0.2 minor update added to OP.

JJX
Cacti User
Posts: 402
Joined: Thu Oct 06, 2005 5:03 am

Re: Bind 9.6 - DNS statistics

#5 Post by JJX » Mon Apr 04, 2011 8:38 am

Great script!!!

Is any way to support statistics for individual zones?
cacti rulez!

niobe
Cacti User
Posts: 228
Joined: Mon Mar 10, 2008 6:52 pm
Location: Australia

Re: Bind 9.6 - DNS statistics

#6 Post by niobe » Mon Apr 04, 2011 6:45 pm

Thanks! I can take a look at this, but I am not much of a zones guru. Can you please post a copy of your stats file and note the different zones?
cheers
N

JJX
Cacti User
Posts: 402
Joined: Thu Oct 06, 2005 5:03 am

Re: Bind 9.6 - DNS statistics

#7 Post by JJX » Tue Apr 05, 2011 2:25 am

In your named.conf.options you can add this to get statistics per zone:

Code: Select all

        statistics-file "/var/cache/bind/named.stats";
        zone-statistics yes;

I am attaching a named.stats from "BIND 9.7.2-P3"
different zones are: domain1.bg, domain1.com.cy , domain1.fr
Each zone has two different views (internal and external)

All zone stats are under "++ Per Zone Query Statistics ++"
Attachments
named.stats.txt
(5.27 KiB) Downloaded 766 times
cacti rulez!

idtest
Posts: 3
Joined: Thu Jun 17, 2010 6:59 am
Location: L'viv

Re: Bind 9.6 - DNS statistics

#8 Post by idtest » Wed Apr 06, 2011 1:16 am

Failed to import graph templates, the error is: Error: XML: Hash version does not exist. Using cacti 0.8.7e.

noname
Cacti Guru User
Posts: 1566
Joined: Thu Aug 05, 2010 2:04 am
Location: Japan

Re: Bind 9.6 - DNS statistics

#9 Post by noname » Mon May 02, 2011 2:22 pm

>> Failed to import graph templates, the error is: Error: XML: Hash version does not exist. Using cacti 0.8.7e.

Try this: http://forums.cacti.net/viewtopic.php?p=211298#p211298

manish2479
Posts: 3
Joined: Mon Jun 20, 2011 11:02 am

Re: Bind 9.6 - DNS statistics

#10 Post by manish2479 » Mon Jun 20, 2011 12:11 pm

Hi

I have implement this cacti-bind96-stats-v0.2.zip DNS Statistics script and set of templates to retrieve stats from a server running Bind 9.6.3 on FreeBSD, but when I run the command from linux CentOS server.

tclsh /var/www/cacti/scripts/bind96-stats.tcl -h 192.168.1.10 -u netman -r in

it generates the file /var/www/cacti/scripts/named-stats.log.192.168.1.10 with all the stats reports but doesn't gives any output. It seems the "bind96-stats.tcl" is not parsing the downloaded file properly. Is there some additional package is required with tcl. Is there a way to debug that tcl script.

Using tcl version tcl-8.4.13-4.el5 and OS is Centos 5.6 64-bit.

Cacti also showing this errors.

06/20/2011 11:50:02 AM - CMDPHP: Poller[0] Host[4] DS[53] WARNING: Result from CMD not valid. Partial Result: U
06/20/2011 11:50:02 AM - CMDPHP: Poller[0] Host[4] DS[51] WARNING: Result from CMD not valid. Partial Result: U
06/20/2011 11:50:02 AM - CMDPHP: Poller[0] Host[4] DS[52] WARNING: Result from CMD not valid. Partial Result: U

Any input or help is appreciated.

Thank You

niobe
Cacti User
Posts: 228
Joined: Mon Mar 10, 2008 6:52 pm
Location: Australia

Re: Bind 9.6 - DNS statistics

#11 Post by niobe » Mon Jun 20, 2011 5:48 pm

Hi,
Yes it sounds like a parsing issue if the stats are being retrieved. Perhaps the format is slightly different in your version? No additional package is required.
I haven't built any debugging into this script, but TCL is known for being easy to read so you can do a quick compare of the "PARSE" section in the script and the stats.
For example, does the text in the section headings match your stats file? If these are all different you would get no output.

Code: Select all

    } elseif { [string equal "++ Incoming Requests ++" $line] } {
        set section 1
    } elseif { [string equal "++ Incoming Queries ++" $line] } {
        set section 2
    } elseif { [string equal "++ Outgoing Queries ++" $line] } {
        set section 3
    } elseif { [string equal "++ Name Server Statistics ++" $line] } {
        set section 4
    } elseif { [string equal "++ Zone Maintenance Statistics ++" $line] } {
        set section 5
    } elseif { [string equal "++ Resolver Statistics ++" $line] } {
        set section 6
    } elseif { [string equal "++ Cache DB RRsets ++" $line] } {
        set section 7
    } elseif { [string equal "++ Socket I/O Statistics ++" $line] } {
        set section 8
    } elseif { [string equal "++ Per Zone Query Statistics ++" $line] } {

manish2479
Posts: 3
Joined: Mon Jun 20, 2011 11:02 am

Re: Bind 9.6 - DNS statistics

#12 Post by manish2479 » Tue Jun 21, 2011 2:11 pm

Hi

I have downgraded the bind version to 9.6.2.1 and now I get the results by running command manually as

tclsh /var/www/cacti/scripts/bind96-stats.tcl -h 192.168.1.10 -u netman -r in
TOTAL_QUERIES:55 QUERIES_IN_A:55
tclsh /var/www/cacti/scripts/bind96-stats.tcl -h 192.168.1.10 -u netman -r out
TOTAL_QUERIES:55
tclsh /var/www/cacti/scripts/bind96-stats.tcl -h 192.168.1.10 -u netman -r misc
TOTAL_QUERIES:55 REQUESTS_RCVD_IPV4:55 RESPONSES_SENT:55 ANSWERED_SUCCESS:55 ANSWERED_AUTH:55

But when ran from cacti it still gives error as

CMDPHP: Poller[0] Host[4] DS[54] WARNING: Result from CMD not valid. Partial Result: U

and even doesn't generates the file /var/www/cacti/scripts/named-stats.log.192.168.1.10

Any suggestions.

Thank You

niobe
Cacti User
Posts: 228
Joined: Mon Mar 10, 2008 6:52 pm
Location: Australia

Re: Bind 9.6 - DNS statistics

#13 Post by niobe » Tue Jun 21, 2011 4:49 pm

Still seems like a parsing issue as though the format of the stats file is being changed between versions.
Can you attach your stats file?

manish2479
Posts: 3
Joined: Mon Jun 20, 2011 11:02 am

Re: Bind 9.6 - DNS statistics

#14 Post by manish2479 » Tue Jun 21, 2011 11:30 pm

Hi

I have attached the file with named as named-stats.txt

Thank You for your time and help.
Attachments
named-stats.txt
(22.63 KiB) Downloaded 459 times

niobe
Cacti User
Posts: 228
Joined: Mon Mar 10, 2008 6:52 pm
Location: Australia

Re: Bind 9.6 - DNS statistics

#15 Post by niobe » Thu Jun 23, 2011 7:50 pm

Ok so the script is doing what it's told, unfortunately that won't work with this stats file. It's quite different to the one my system generates.
I may take a look at this again when I get round to supporting zone stats.

Post Reply