You want to measure a name server's performance.
To measure a name server's real performance (that is, the number of queries it answers on an hourly or daily basis), dump statistics periodically and compare the numbers. On a BIND 9.1.0 or later name server, for example, you could use rndc stats to dump statistics hourly with this crontab entry:
0 * * * * root rndc stats
Every hour, the name server will append data like this to the statistics file (called named.stats in the name server's working directory, by default):
+++ Statistics Dump +++ (1021327908) success 5268 referral 57 nxrrset 7938 nxdomain 127 recursion 1946 failure 153 --- Statistics Dump --- (1021327908)
Add the values of success, nxrrset, and nxdomain, and compute the difference between the sums in two successive statistics blocks. Divide by 3600 (seconds) to get the query rate in queries per second.
With BIND 8, you use ndc stats to induce the name server to dump statistics, but the name server's statistics look considerably different than BIND 9's. Here's an example:
++ Name Server Statistics ++ (Legend) RR RNXD RFwdR RDupR RFail RFErr RErr RAXFR RLame ROpts SSysQ SAns SFwdQ SDupQ SErr RQ RIQ RFwdQ RDupQ RTCP SFwdR SFail SFErr SNaAns SNXD RUQ RURQ RUXFR RUUpd (Global) 94 0 22 0 0 35 0 0 0 0 7 242727 30 36 0 242744 0 30 0 0 22 0 0 24272 5 0 182058 0 0 0 -- Name Server Statistics --
This is just part of the statistics output, printed at the end of each block. The information you need is still there: compute the difference between the values for SAns (sent answers) over time to derive the query rate. To find SAns, look at the line under "(Global)". The second number in the third quintet of numbers (242727 in this example) is SAns.
BIND 9 didn't support dumping statistics until 9.1.0. Of course, you shouldn't be running anything that old, anyway. Here's a quick key to the meaning of the various BIND 9 statistics:
The number of successful queries (those that return a response other than a referral)
The number of queries that resulted in a referral
The number of queries for domain names that didn't own the type of record requested
The number of queries for domain names that didn't exist
The number of recursive queries for domain names in the zone that required the name server to send one or more queries
The number of queries that resulted in a failure other than NXDOMAIN
For an explanation of the many statistics kept by a BIND 8 name server, see "Understanding the BIND Statistics" in Chapter 7 of DNS and BIND.
You may also want to test a name server's top-end performance: how quickly it can process queries? There's a program included in the BIND 9 distribution called queryperf that helps with that; you'll find it in the contrib/queryperf subdirectory. Though it's shipped with BIND 9, it works by sending standard DNS queries, so you can use it to measure the performance of any kind of name server -- BIND 9, BIND 8, or "other."
To build it, cd to contrib/queryperf and run configure, then run make:
$ cd contrib/queryperf $ ./configure $ make
Next, you need to construct an input file, telling queryperf what queries to send to the name server. Each line in the input file must contain a domain name and a type to look up:
www.foo.example A foo.example SOA
(The class is assumed to be IN, for Internet. If you want to measure a name server's performance in processing Hesiod queries, you're on your own. You're also a weirdo.)
If you want to test a name server's performance answering queries for authoritative zone data, use domain names in zones that the name server is authoritative for. If you want to test a name server's performance resolving queries that require recursion, use domain names outside of the name server's authoritative zones. Also, make sure you choose lots of different domain names, or the name server will quickly cache the answers and you won't get a representative measurement of performance.
Once you've created the input file, run queryperf. Use the -d command-line option to specify the name of the input file. You can specify how long (in seconds) you want the test to run with - l, or that you want to go through the list of queries just once with -1. If you give queryperf a time limit and the program exhausts the queries in the input file before the test is over, it'll start again at the beginning. The -s and -p options allow you to specify the server and port you want to query, respectively. The defaults are the local host and port 53. For other command-line options, run queryperf with an option it doesn't understand, like -?.
Here's a sample run of queryperf:
$ queryperf -d input/foo.example -l 60 DNS Query Performance Testing Tool Version: $Id: ch05.xml,v 1.3 2002/10/16 20:08:21 becki Exp $ [Status] Processing input data [Status] Sending queries [Status] Testing complete Statistics: Parse input file: multiple times Run time limit: 60 seconds Ran through file: 0 times Queries sent: 265935 queries Queries completed: 265935 queries Queries lost: 0 queries Percentage completed: 100.00% Percentage lost: 0.00% Started at: Mon May 13 16:26:28 2002 Finished at: Mon May 13 16:27:28 2002 Ran for: 60.458815 seconds Queries per second: 4398.614164 qps
This was a very short test -- 60 seconds -- of queries for domain names in zones my name server is authoritative for, but the performance is impressive nonetheless: nearly 4,400 queries per second.
Note that you probably don't want to run a stress test like this on a production name server during work hours. You may even want to run the name server you're testing on an alternate port, as described in Section 3.26.
5.14.4 See Also
Section 3.26, "Understanding the BIND Statistics" in Chapter 7 of DNS and BIND, and "Capacity Planning" in Chapter 8.
BIND Name Server Configuration
BIND Name Server Operations
Delegation and Registration
Interoperability and Upgrading
Resolvers and Programming
Logging and Troubleshooting