Analysis of DNS logs

When the DNS server is running, it writes a group of LOG_INFO level log lines like the following once every hour to report its running status:

    Dec 26 10:23:52 www named[1033]: Cleaned cache of 26 RRset
    Dec 26 10:23:52 www named[1033]: USAGE 977797432 976760631 CPU=6.55u/6.24s CHILD CPU=0u/0s
    Dec 26 10:23:52 www named[1033]: NSTATS 977797432 976760631 0=2 A=13192 CNAME=321 PTR=11204 MX=1173 TXT=4 AAAA=32 ANY=4956
    Dec 26 10:23:52 www named[1033]: XSTATS 977797432 976760631 RR=7629 RNXD=1368 RFwdR=4836 RDupR=51 RFail=159 RFErr=0 RErr=12 RAXFR=0 RLame=175 ROpts=0 SSysQ=2082 SAns=26234 SFwdQ=4520 SDupQ=1263 SErr=0 RQ=30889 RIQ=4 RFwdQ=0 RDupQ=259 RTCP=2 SFwdR=4836 SFail=6 SFErr=0 SNaAns=21753 SNXD=10276

Let's interpret it line by line.

1. Dec 26 10:23:52 www named[1033]: Cleaned cache of 26 RRset

This is the first line of each group of log lines and indicates that the cache is being cleaned. Where:

    Dec 26 10:23:52            the time the log entry was generated
    www                        the name of the machine running the DNS server
    named[1033]:               the DNS server process name and process ID
    Cleaned cache of 26 RRset  the cache is being cleaned

2. Dec 26 10:23:52 www named[1033]: USAGE 977797432 976760631 CPU=6.55u/6.24s CHILD CPU=0u/0s

This is the USAGE line, which records the CPU time used by the DNS server. Where:

    Dec 26 10:23:52        the time the log entry was generated
    www                    the name of the machine running the DNS server
    named[1033]:           the DNS server process name and process ID
    USAGE                  line marker
    977797432 976760631    977797432-976760631 is the total number of seconds the DNS server has been running
    CPU=6.55u/6.24s        the DNS server has used 6.55 seconds of CPU time in user mode and 6.24 seconds in system mode (u stands for user, s for system)
    CHILD CPU=0u/0s        the CPU time used by the DNS server's child processes

3. Dec 26 10:23:52 www named[1033]: NSTATS 977797432 976760631 0=2 A=13192 CNAME=321 PTR=11204 MX=1173 TXT=4 AAAA=32 ANY=4956

This is the NSTATS line, which counts the total number of queries received, by query type. Where:

    Dec 26 10:23:52        the time the log entry was generated
    www                    the name of the machine running the DNS server
    named[1033]:           the DNS server process name and process ID
    NSTATS                 line marker
    977797432 976760631    977797432-976760631 is the total number of seconds the DNS server has been running
    0=2                    2 queries of an unknown type
    A=13192                13192 A (address) queries, the most common type
    CNAME=321              321 CNAME queries (usually issued by some versions of sendmail when canonicalizing e-mail addresses, and by dig or nslookup)
    PTR=11204              11204 pointer queries (many programs use this method to look up addresses)
    MX=1173                1173 mail exchanger queries (initiated by mail senders)
    TXT=4                  4 text queries issued by applications
    AAAA=32                32 AAAA queries
    ANY=4956               4956 ANY queries (some versions of sendmail use this query type for address lookups)

Note: the following types may also appear, although none of them occur in this example:

    NS=xx                  name server queries (for example, a name server looking up the root domain servers)
    SOA=xx                 secondary DNS update checks
    HINFO=xx               host information queries
    NSAP=xx                mapping of a domain name to an OSI Network Service Access Point address
    AXFR=xx                zone transfers for secondary DNS servers

4. Dec 26 10:23:52 www named[1033]: XSTATS 977797432 976760631 RR=7629 RNXD=1368 RFwdR=4836 RDupR=51 RFail=159 RFErr=0 RErr=12 RAXFR=0 RLame=175 ROpts=0 SSysQ=2082 SAns=26234 SFwdQ=4520 SDupQ=1263 SErr=0 RQ=30889 RIQ=4 RFwdQ=0 RDupQ=259 RTCP=2 SFwdR=4836 SFail=6 SFErr=0 SNaAns=21753 SNXD=10276

This is the XSTATS line, which holds statistics on other data. Where:

    Dec 26 10:23:52        the time the log entry was generated
    www                    the name of the machine running the DNS server
    named[1033]:           the DNS server process name and process ID
    XSTATS                 line marker
    977797432 976760631    977797432-976760631 is the total number of seconds the DNS server has been running
    RR=7629                7629 responses received from other hosts (responses to queries this server sent to other machines or processes; independent of RQ)
    RNXD=1368              1368 "no such domain" answers received
    RFwdR=108              108 responses received to the original queries
    RDupR=51               51 duplicate responses received (a response is counted as a duplicate when the DNS server cannot find, in its list of pending queries, the original query that caused the response)
    RFail=159              159 SERVFAIL (remote server failure) responses received
    RFErr=0                no FORMERR responses received (FORMERR means the remote name server considers the local name server's query malformed)
    RErr=12                12 errors received other than SERVFAIL and FORMERR
    RAXFR=0                0 zone transfers (AXFR) received
    RLame=175              175 lame delegations received (a zone is delegated to a name server that is not actually authoritative for that zone)
    ROpts=0                0 packets received with IP options
    SSysQ=2082             2082 system queries sent (system queries are queries made by the local name server itself, mostly to the root name servers)
    SAns=26234             26234 answers sent
    SFwdQ=4520             4520 queries forwarded to other name servers because they could not be answered locally
    SDupQ=1263             1263 duplicate queries sent
    SErr=0                 0 errors sent other than SERVFAIL and FORMERR
    RQ=30889               30889 queries received in total
    RIQ=4                  4 inverse queries received (an inverse query maps an address to a name; this function is now provided by PTR records, but early versions of nslookup used inverse queries)
    RFwdQ=0                no queries received that needed further processing
    RDupQ=259              259 duplicate queries received
    RTCP=2                 2 queries received over TCP connections (queries normally use UDP)
    SFwdR=4836             4836 responses from other name servers forwarded on
    SFail=6                6 SERVFAIL responses sent
    SFErr=0                0 FORMERR responses sent
    SNaAns=21753           21753 non-authoritative answers sent
    SNXD=10276             10276 "no such domain" answers sent

All of these statistics are cumulative from the time the DNS server started; they are not the figures for the past hour.

How do you measure the load of the DNS server? Very simply: divide the total number of queries by the total time the DNS server has been running. In this example:

The DNS server has been running for 977797432-976760631 = 1036801 seconds = 288 hours (the two timestamps can be taken from lines 2, 3 and 4).

The total number of query requests is 2+13192+321+11204+1173+4+32+4956 = 30884 (the counts are taken from the NSTATS line).

That works out to 107 query requests per hour, less than 2 per second, so the load is still quite small.
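As an added example (not part of the original article), the following Python script parses the NSTATS and XSTATS lines shown above and computes the load the way the article describes. It goes one step further than the text: because the counters are cumulative since startup, it also derives the rate for the most recent hour from the difference between two consecutive NSTATS snapshots. The log sample is the article's text with the stray spaces in "RFail= 159" and "SFail =6" removed, and the second NSTATS line is constructed for the example.

```python
import re

# Sample input: the article's log lines (stray spaces in "RFail= 159" / "SFail =6" removed)
# plus one constructed NSTATS snapshot an hour later, to show how to get an hourly rate.
SAMPLE_LOG = """\
Dec 26 10:23:52 www named[1033]: Cleaned cache of 26 RRset
Dec 26 10:23:52 www named[1033]: USAGE 977797432 976760631 CPU=6.55u/6.24s CHILD CPU=0u/0s
Dec 26 10:23:52 www named[1033]: NSTATS 977797432 976760631 0=2 A=13192 CNAME=321 PTR=11204 MX=1173 TXT=4 AAAA=32 ANY=4956
Dec 26 10:23:52 www named[1033]: XSTATS 977797432 976760631 RR=7629 RNXD=1368 RFwdR=4836 RDupR=51 RFail=159 RFErr=0 RErr=12 RAXFR=0 RLame=175 ROpts=0 SSysQ=2082 SAns=26234 SFwdQ=4520 SDupQ=1263 SErr=0 RQ=30889 RIQ=4 RFwdQ=0 RDupQ=259 RTCP=2 SFwdR=4836 SFail=6 SFErr=0 SNaAns=21753 SNXD=10276
Dec 26 11:23:52 www named[1033]: NSTATS 977801032 976760631 0=2 A=13300 CNAME=325 PTR=11290 MX=1180 TXT=4 AAAA=33 ANY=4990
"""

# "<kind> <now> <start> key=value ..." after the "named[pid]: " prefix (USAGE has no integer counters)
STATS_RE = re.compile(r"named\[\d+\]: (NSTATS|XSTATS) (\d+) (\d+) (.*)$")

def parse_snapshots(text):
    """Return a list of (kind, now, start, counters) tuples, one per NSTATS/XSTATS line, in file order."""
    snapshots = []
    for line in text.splitlines():
        m = STATS_RE.search(line)
        if m:
            kind, now, start, rest = m.groups()
            counters = {k: int(v) for k, v in re.findall(r"(\S+)=(\d+)", rest)}
            snapshots.append((kind, int(now), int(start), counters))
    return snapshots

def load_report(text):
    """Load since start, as the article computes it, plus the rate for the latest interval."""
    snaps = parse_snapshots(text)
    nstats = [s for s in snaps if s[0] == "NSTATS"]
    xstats = [s for s in snaps if s[0] == "XSTATS"]
    _, now, start, counters = nstats[0]
    uptime_h = (now - start) / 3600           # 977797432 - 976760631 = 1036801 s = 288 h
    total = sum(counters.values())            # 2 + 13192 + ... + 4956
    report = {
        "uptime_hours": uptime_h,
        "total_queries": total,
        "avg_per_hour": total / uptime_h,
        # RQ (queries received) in XSTATS should be close to the NSTATS sum;
        # a large gap suggests the lines were mismatched or truncated.
        "rq_gap": xstats[0][3]["RQ"] - total if xstats else None,
    }
    if len(nstats) >= 2:
        # Counters are cumulative since startup, so the rate for the last hour
        # is the difference between the two most recent snapshots.
        (_, t0, _, c0), (_, t1, _, c1) = nstats[-2], nstats[-1]
        delta = sum(c1.get(k, 0) - c0.get(k, 0) for k in c1)
        report["last_interval_per_hour"] = delta / ((t1 - t0) / 3600)
    return report
```

Running load_report(SAMPLE_LOG) reproduces the article's figures (288 hours, 30884 queries, about 107 per hour) and shows the constructed last hour running at 240 queries per hour, which the cumulative average alone would hide.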
