upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- num.query.aggressive.NOERROR and num.query.aggressive.NXDOMAIN statistics

Browse source 
counters


git-svn-id: file:///svn/unbound/trunk@4616 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Ralph Dolmans 2018-04-10 11:39:23 +00:00
parent 471ed1befe
commit 6ef9cafc0e
8 changed files with 73 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
daemon/remote.c
View file

@ -1051,6 +1051,10 @@ print_ext(SSL* ssl, struct ub_stats_info* s)
(unsigned long)s->svr.ans_bogus)) return 0;
if(!ssl_printf(ssl, "num.rrset.bogus"SQ"%lu\n",
(unsigned long)s->svr.rrset_bogus)) return 0;
if(!ssl_printf(ssl, "num.query.aggressive.NOERROR"SQ"%lu\n",
(unsigned long)s->svr.num_neg_cache_noerror)) return 0;
if(!ssl_printf(ssl, "num.query.aggressive.NXDOMAIN"SQ"%lu\n",
(unsigned long)s->svr.num_neg_cache_nxdomain)) return 0;
/* threat detection */
if(!ssl_printf(ssl, "unwanted.queries"SQ"%lu\n",
(unsigned long)s->svr.unwanted_queries)) return 0;

28
daemon/stats.c
View file

@ -62,6 +62,7 @@
#include "services/cache/infra.h"
#include "services/authzone.h"
#include "validator/val_kcache.h"
#include "validator/val_neg.h"
/** add timers and the values do not overflow or become negative */
static void
@ -123,6 +124,30 @@ void server_stats_log(struct ub_server_stats* stats, struct worker* worker,
(unsigned)worker->env.mesh->stats_jostled);
}
/** Set the neg cache stats. */
static void
set_neg_cache_stats(struct worker* worker, struct ub_server_stats* svr,
int reset)
{
int m = modstack_find(&worker->env.mesh->mods, "validator");
struct val_env* ve;
struct val_neg_cache* neg;
if(m == -1)
return;
ve = (struct val_env*)worker->env.modinfo[m];
if(!ve->neg_cache)
return;
neg = ve->neg_cache;
lock_basic_lock(&neg->lock);
svr->num_neg_cache_noerror = neg->num_neg_cache_noerror;
svr->num_neg_cache_nxdomain = neg->num_neg_cache_nxdomain;
if(reset && !worker->env.cfg->stat_cumulative) {
neg->num_neg_cache_noerror = 0;
neg->num_neg_cache_nxdomain = 0;
}
lock_basic_unlock(&neg->lock);
}
/** get rrsets bogus number from validator */
static size_t
get_rrset_bogus(struct worker* worker, int reset)
@ -274,6 +299,9 @@ server_stats_compile(struct worker* worker, struct ub_stats_info* s, int reset)
lock_rw_unlock(&worker->env.auth_zones->lock);
}
/* Set neg cache usage numbers */
set_neg_cache_stats(worker, &s->svr, reset);
/* get tcp accept usage */
s->svr.tcp_accept_usage = 0;
for(lp = worker->front->cps; lp; lp = lp->next) {

4
doc/Changelog
View file

@ -1,3 +1,7 @@
10 April 2018: Ralph
- num.query.aggressive.NOERROR and num.query.aggressive.NXDOMAIN
statistics counters.
10 April 2018: Wouter
- documentation for low-rtt and low-rtt-pct.

10
doc/unbound-control.8.in
View file

@ -611,6 +611,16 @@ the internet, but are now answered from the auth zone.
The number of queries for downstream answered from auth\-zone data.
These queries are from downstream clients, and have had an answer from
the data in the auth zone.
.TP
.I num.query.aggressive.NOERROR
The number of queries answered using cached NSEC records with NODATA RCODE.
These queries would otherwise have been sent to the internet, but are now
answered using cached data.
.TP
.I num.query.aggressive.NXDOMAIN
The number of queries answered using cached NSEC records with NXDOMAIN RCODE.
These queries would otherwise have been sent to the internet, but are now
answered using cached data.
.SH "FILES"
.TP
.I @ub_conf_file@

6
libunbound/unbound.h
View file

@ -751,6 +751,12 @@ struct ub_server_stats {
long long num_query_authzone_up;
/** number of queries for unbound's auth_zones, downstream answers */
long long num_query_authzone_down;
/** number of times neg cache records were used to generate NOERROR
* responses. */
long long num_neg_cache_noerror;
/** number of times neg cache records were used to generate NXDOMAIN
* responses. */
long long num_neg_cache_nxdomain;
};
/**

2
smallapp/unbound-control.c
View file

@ -349,6 +349,8 @@ static void print_extended(struct ub_stats_info* s)
PR_UL("num.answer.secure", s->svr.ans_secure);
PR_UL("num.answer.bogus", s->svr.ans_bogus);
PR_UL("num.rrset.bogus", s->svr.rrset_bogus);
PR_UL("num.query.aggressive.NOERROR", s->svr.num_neg_cache_noerror);
PR_UL("num.query.aggressive.NXDOMAIN", s->svr.num_neg_cache_nxdomain);
/* threat detection */
PR_UL("unwanted.queries", s->svr.unwanted_queries);
PR_UL("unwanted.replies", s->svr.unwanted_replies);

14
validator/val_neg.c
View file

@ -1515,6 +1515,10 @@ val_neg_getmsg(struct val_neg_cache* neg, struct query_info* qinfo,
return NULL;
if(addsoa && !add_soa(rrset_cache, now, region, msg, NULL))
return NULL;
lock_basic_lock(&neg->lock);
neg->num_neg_cache_noerror++;
lock_basic_unlock(&neg->lock);
return msg;
} else if(nsec && val_nsec_proves_name_error(nsec, qinfo->qname)) {
if(!(msg = dns_msg_create(qinfo->qname, qinfo->qname_len,
@ -1578,7 +1582,7 @@ val_neg_getmsg(struct val_neg_cache* neg, struct query_info* qinfo,
rcode = LDNS_RCODE_NXDOMAIN;
else if(!nsec_proves_nodata(wcrr, &wc_qinfo,
&nodata_wc) || nodata_wc)
/* &nodata_wc shoudn't be set, wc_qinfo
/* &nodata_wc shouldn't be set, wc_qinfo
* already contains wildcard domain. */
/* NSEC doesn't prove anything for
* wildcard. */
@ -1595,6 +1599,14 @@ val_neg_getmsg(struct val_neg_cache* neg, struct query_info* qinfo,
if(addsoa && !add_soa(rrset_cache, now, region, msg, NULL))
return NULL;
/* Increment statistic counters */
lock_basic_lock(&neg->lock);
if(rcode == LDNS_RCODE_NOERROR)
neg->num_neg_cache_noerror++;
else if(rcode == LDNS_RCODE_NXDOMAIN)
neg->num_neg_cache_nxdomain++;
lock_basic_unlock(&neg->lock);
FLAGS_SET_RCODE(msg->rep->flags, rcode);
return msg;
}

6
validator/val_neg.h
View file

@ -80,6 +80,12 @@ struct val_neg_cache {
size_t max;
/** max nsec3 iterations allowed */
size_t nsec3_max_iter;
/** number of times neg cache records were used to generate NOERROR
* responses. */
size_t num_neg_cache_noerror;
/** number of times neg cache records were used to generate NXDOMAIN
* responses. */
size_t num_neg_cache_nxdomain;
};
/**