SREcon18 Americas - Monitoring DNS with Open-Source Solutions
Felipe Espinoza and Javier Bustos, NIC Labs
NIC Chile is the DNS administrator of the ccTLD .cl, managing over 500.000 domain names in an infrastructure composed by more than 30 servers distributed around the globe (some of them belonging to one of the three Anycast clouds used in the name service) answering a ratio of around 3,000 queries/sec per server. In this scenario, we took the challenge of build a real-time monitor system four our DNS service, by only using open-source software.
We reviewed and benchmarked different alternatives: Packetbeat, Collectd, DSC, Fievel, and GoPassiveDNS for data collection; Prometheus, Druid, ClickHouse, InfluxDB, ElasticSearch, and OpenTSDB as DB engines; and Kibana, Grafana, and Graphite Web for visualization. The info we wanted to know were, Five top-queried domains, mean length of DNS queries, and the number of queries per subnetwork, per operation code (OPCODE), per class (QCLASS), per type (QTYPE), per answer type, per transport protocol (UDP, TCP), and with active EDNS.
With that scenario, we measured:
CPU used by DB.
RAM
Secondary memory
Time required for data aggregation
We present two compatibility matrices summarizing our findings and a ready-to-use open-source integrated monitoring system.
Sign up to find out more about SREcon at https://srecon.usenix.org
Смотрите видео SREcon18 Americas - Monitoring DNS with Open-Source Solutions онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь USENIX 30 Апрель 2018, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 1,165 раз и оно понравилось 16 людям.