Measuring DNS services at APNIC A work-in-progress report Reverse DNS SIG APRICOT, Bangkok 5 March 2002

Download Report

Transcript Measuring DNS services at APNIC A work-in-progress report Reverse DNS SIG APRICOT, Bangkok 5 March 2002 

Measuring DNS services at APNIC
A work-in-progress report
Reverse DNS SIG
APRICOT, Bangkok
5 March 2002
Overview
•
•
•
•
•
Motivations
Methodology
Initial outcomes
Future work
Questions
Motivations
• Improve APNIC reporting function
– EC response to member survey
– Strategic regional/national relevancy
• DNS traffic reflects end-user usage
• DNS efficiencies affect global service quality
• Improve monitoring of APNIC services
• Check load balance between servers,
locations
• Early warning of problems
• Review load balance when network changes,
new services added
Methodology
• APNIC DNS nameservers sampled
every 15 minutes
# ndc debug;sleep 60; ndc nodebug
– currently approx 8-10Mb named.run
• dumps saved as compressed images for
future use
Methodology cont.
• Analyse sample
– Requestors
• Source of datagrams
– Requested objects
• .in-addr.arpa
• .ip6.int, etc
• Collate using RIR allocation maps
– Tag data by ISO CC of nearest allocation
boundary
– Can sort by volume of requests, CC etc.
RIR Map Issues
• Network licenceholders can use the
network anywhere
– CC of allocation/assignment record
• Not authoritative source CC of request.
– 80:20 rule on likely location of network?
• Many legacy networks list as US but
are located worldwide
• Too many addresses unknown CC
Initial Outcomes
• Example load shares
– To Brisbane and Tokyo
• CN/TW
• ID/HK
• NZ/KR
• Query rates
– 2 week sample
– IPv6 query rate
• Top 10 requesting CC by server
location
CN,TW serve
by server location
ratio of AU serve Japan:Brisbane
ratio
5.00
TW
equal load share
CN
4.50
4.00
3.50
3.00
2.50
2.00
1.50
1.00
0.50
0.00
23-Feb
24-Feb
25-Feb
26-Feb
27-Feb
sample time
28-Feb
1-Mar
2-Mar
ID,HK serve
by server location
ratio of AU serve Japan:Brisbane
ratio
5.00
ID
equal load share
HK
4.50
4.00
3.50
3.00
2.50
2.00
1.50
1.00
0.50
0.00
23-Feb
24-Feb
25-Feb
26-Feb
27-Feb
sample time
28-Feb
1-Mar
2-Ma
NZ, KR serve
by server location
ratio
ratio of AU serve Japan:Brisbane
5.00
NZ
equal load share
4.50
"KR"
4.00
3.50
3.00
2.50
2.00
1.50
1.00
0.50
0.00
23-Feb
24-Feb
25-Feb
26-Feb
27-Feb
sample time
28-Feb
1-Mar
2-Mar
2/
18
/0
2
11
:4
8
5:
33
23
:1
8
17
:0
3
10
:4
8
2/
17
/0
2
2/
15
/0
2
2/
14
/0
2
2/
13
/0
2
4:
33
22
:1
8
16
:0
3
2/
12
/0
2
2/
10
/0
2
9:
48
3:
33
21
:1
8
2/
8/
02
2/
9/
02
8:
48
15
:0
3
2/
7/
02
2/
5/
02
2/
4/
02
2/
3/
02
2:
33
20
:1
8
14
:0
3
2/
2/
02
1/
31
/0
2
1/
30
/0
2
DNS server query rate
requests/second
requests
1400
1200
1000
800
600
400
200
0
30
/0
1/
02
31
/0
1/
02
1/
02
/0
2
2/
02
/0
2
3/
02
/0
2
4/
02
/0
2
5/
02
/0
2
6/
02
/0
2
7/
02
/0
2
8/
02
/0
2
9/
02
/0
2
10
/0
2/
02
11
/0
2/
02
12
/0
2/
02
13
/0
2/
02
14
/0
2/
02
15
/0
2/
02
16
/0
2/
02
17
/0
2/
02
18
/0
2/
02
19
/0
2/
02
IPv6 requests
Number of
requests per MIN
IPv6 lookups of any type
full dotted-nybble lookups
250
200
150
100
50
0
Top 20 requesting CC
by server location
Australia
Japan
US
549484
US
541906
??
129886
CN
129870
CN
107425
??
123195
KR
102130
JP
121836
AU
94366
KR
101654
JP
74039
UK
48588
DE
55991
CA
39253
UK
53420
DE
34919
CA
43757
TW
29439
CH
32771
HK
17210
FR
22953
AU
16826
NL
21555
SG
16816
TW
19811
NL
15633
Future Work
• Table of CC to requested DNS RR
– More computationally expensive
– May not be completely accurate
– Web ‘select-your-own-CC’ interface
• Apply same methodology
– Web
– Whois
• requester,requested-data inline in logfiles, so much
simpler to tabulate
– Consistent methodology for monitoring APNIC
resource usage
Future Work cont.
• Account for measurement-induced errors
– Additional cost to DNS server to write
named.run file
• Is named logging ‘cheaper’ ?
– Avoid methods which query (www,whois,dns)
• Improve methodology
– Use DNS logging not debug dumps
• Make data available online
– APNIC values interpretation of raw data by the
wider community
Questions
George Michaelson
[email protected]