Re: DNS zone query data

Mon, 07 Jan 2008 17:40:24 -0800 

Hi, Kris--

 Jan 5, 2008, at 6:14 PM, Kris Kennaway wrote:
Some months ago someone on this list offered to provide to me a data set of DNS query data and the corresponding zone file for benchmarking of BIND performance as an authoritative server. Unfortunately I have lost the email and forgot who it was who made the offer :) If it was you, please contact me again privately as I would like to proceed with this. 


Was it this thread:

Begin forwarded message:

From: Chuck Swiger <[EMAIL PROTECTED]>
Date: June 4, 2007 1:21:51 PM PDT
To: Kris Kennaway <[EMAIL PROTECTED]>
Cc: Doug Barton <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: HEADS UP: BIND 9.4.1 imported
On Jun 2, 2007, at 7:27 PM, Kris Kennaway wrote:

For the vast majority of users, this should be a noop. Please test,
especially if you have a heavier loaded name server, and report any
issues.


Also I'll remark that we remain very interested in getting access to
either a busy nameserver or the data stream from one, in order to
profile FreeBSD kernel activity and look for places to optimize
performance.



I've mentioned this before, but the dns/adns port provides some  
handy utilities for putting a DNS server under high loads.



Something like the following command will generate anywhere from 200  
queries/sec to 1500+ queries/sec, depending on the IPs involved in  
the logfile you use, and how rapidly the remote nameservers respond:



 /usr/local/bin/adnslogres -c 500 < /var/log/httpd-access.log >! / 
var/log/httpd-access.log.dns


--
-Chuck


        -----

Begin forwarded message:

From: Chuck Swiger <[EMAIL PROTECTED]>
Date: June 14, 2007 4:53:01 PM PDT
To: Kris Kennaway <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: BIND 9.4.1 performance on FreeBSD 6.2 vs. 7.0

Hi, Kris--


This was interesting, thanks for putting together the testing and  
graphs.


On Jun 14, 2007, at 1:48 AM, Kris Kennaway wrote:

I have been benchmarking BIND 9.4.1 recursive query performance on an

8-core opteron, using the resperf utility (dns/dnsperf in ports).   
The

query data set was taken from www.freebsd.org's httpd-access.log with
some of the highly aggressive robot IP addresses pruned out (to avoid
huge numbers of repeated queries against a small subset of addresses,
which would skew the results).



It's at least arguable that doing queries against a data set  
including a bunch of repeats is "skewed" in a more realistic  
fashion. :-)  A quick look at some of the data sources I have handy  
such as http access logs or Squid proxy logs suggests that (for  
example) out of a database of 17+ million requests, there were only  
46000 unique IPs involved.



You might find it interesting to compare doing queries against your  
raw and filtered datasets, just to see what kind of difference you  
get, if any.



Testing was done over a broadcom gigabit ethernet cable connected
back-to-back between two identical machines.  named was restarted in
between tests to flush the cache.



What was the external network connectivity in terms of speed?  The  
docs suggest you need something like a 16MBs up/8 Mbs down  
connectivity in order to get up to 50K requests/sec....


[ ... ]

It would be interesting to test BIND performance when acting as an
authoritative server, which probably has very different performance
characteristics; the difficulty there is getting access to a suitably
interesting and representative zone file and query data.



I suppose you could also set up a test nameserver which claims to be  
authoritative for all of in-addr.arpa, and set up a bunch (65K?) /16  
reverse zone files, and then test against real unmodified IPs, but  
it would be easier to do something like this:



Set up a nameserver which is authoritative for 1.10.in-addr.arpa  
(ie, the reverse zone for 10.1/16), and use a zonefile with the  
$GENERATE directive to populate your PTR records:


$TTL    86400
$origin 1.10.in-addr.arpa.

@       IN      SOA     localhost. hostmaster.localhost. (
       1       ; serial (YYYYMMDD##)
       3h      ; Refresh 3 hours
       1h      ; Retry   1 hour
       30d     ; Expire  30 days
       1d )    ; Minimum 24 hours

@       NS      localhost.

$GENERATE 0-255 $.0 PTR ip-10-1-0-$.example.com.
$GENERATE 0-255 $.1 PTR ip-10-1-1-$.example.org.
$GENERATE 0-255 $.2 PTR ip-10-1-2-$.example.net.
; ...etc...


...and then feed it a query database consisting of PTR lookups.  If  
you wanted to, you could take your existing IP database, and glue  
the last two octets of the real IPs onto 10.1 to produce a  
reasonable assortment of IPs to perform a reverse lookup upon.


--
-Chuck


_______________________________________________
freebsd-performance@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-performance
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






















					Reply via email to