From b0fdc78d71d88ed88ef9b134170a4473f62bc94e Mon Sep 17 00:00:00 2001 From: Peter van Dijk Date: Mon, 9 Nov 2020 12:33:57 +0100 Subject: [PATCH] auth: add some missing counters. Fixes #9675 --- pdns/common_startup.cc | 3 +++ pdns/packethandler.cc | 1 + pdns/responsestats-auth.cc | 5 ++++- regression-tests.nobackend/counters/command | 9 +++++++++ .../counters/expected_result | 19 +++++++++++-------- 5 files changed, 28 insertions(+), 9 deletions(-) diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc index b9a752d831..32fca88ede 100644 --- a/pdns/common_startup.cc +++ b/pdns/common_startup.cc @@ -364,7 +364,10 @@ void declareStats(void) S.declare("key-cache-size", "Number of entries in the key cache", DNSSECKeeper::dbdnssecCacheSizes, StatType::gauge); S.declare("signature-cache-size", "Number of entries in the signature cache", signatureCacheSize, StatType::gauge); + S.declare("nxdomain-packets","Number of times an NXDOMAIN packet was sent out"); + S.declare("noerror-packets","Number of times a NOERROR packet was sent out"); S.declare("servfail-packets","Number of times a server-failed packet was sent out"); + S.declare("unauth-packets","Number of times a domain we are not auth for was queried"); S.declare("latency","Average number of microseconds needed to answer a question", getLatency, StatType::gauge); S.declare("timedout-packets","Number of packets which weren't answered within timeout set"); S.declare("security-status", "Security status based on regular polling", StatType::gauge); diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc index 29628f9de1..67a39c7ad9 100644 --- a/pdns/packethandler.cc +++ b/pdns/packethandler.cc @@ -1064,6 +1064,7 @@ void PacketHandler::makeNOError(DNSPacket& p, std::unique_ptr& r, con addNSECX(p, r, target, wildcard, sd.qname, mode); } + S.inc("noerror-packets"); S.ringAccount("noerror-queries", p.qdomain, p.qtype); } diff --git a/pdns/responsestats-auth.cc b/pdns/responsestats-auth.cc index ac4f75a4c8..7562f1de70 100644 --- a/pdns/responsestats-auth.cc +++ b/pdns/responsestats-auth.cc @@ -23,9 +23,12 @@ void ResponseStats::submitResponse(DNSPacket &p, bool udpOrTCP) { static AtomicCounter &tcpbytesanswered6=*S.getPointer("tcp6-answers-bytes"); if(p.d.aa) { - if (p.d.rcode==RCode::NXDomain) + if (p.d.rcode==RCode::NXDomain) { + S.inc("nxdomain-packets"); S.ringAccount("nxdomain-queries", p.qdomain, p.qtype); + } } else if (p.d.rcode == RCode::Refused) { + S.inc("unauth-packets"); S.ringAccount("unauth-queries", p.qdomain, p.qtype); S.ringAccount("remotes-unauth",p.d_remote); } diff --git a/regression-tests.nobackend/counters/command b/regression-tests.nobackend/counters/command index 91ef56e8dc..7caa30973c 100755 --- a/regression-tests.nobackend/counters/command +++ b/regression-tests.nobackend/counters/command @@ -26,6 +26,15 @@ $SDIG ::1 $port random.example.com A tcp >&2 >/dev/null $SDIG ::1 $port example.com SOA >&2 >/dev/null $SDIG ::1 $port example.com SOA tcp >&2 >/dev/null +# NXDOMAIN +$SDIG 127.0.0.1 $port nx.example.com A >&2 >/dev/null + +# NOERROR +$SDIG 127.0.0.1 $port example.com SRV >&2 >/dev/null + +# unauth +$SDIG 127.0.0.1 $port example.invalid MX >&2 >/dev/null + $PDNSCONTROL --config-name= --no-config --socket-dir=./ 'show *' | \ tr ',' '\n'| grep -v -E '(user-msec|sys-msec|cpu-iowait|cpu-steal|uptime|udp-noport-errors|udp-in-errors|real-memory-usage|special-memory-usage|udp-recvbuf-errors|udp-sndbuf-errors|-hit|-miss|fd-usage|latency|backend-queries)' | LC_ALL=C sort diff --git a/regression-tests.nobackend/counters/expected_result b/regression-tests.nobackend/counters/expected_result index 895c420613..69b6391106 100644 --- a/regression-tests.nobackend/counters/expected_result +++ b/regression-tests.nobackend/counters/expected_result @@ -11,11 +11,13 @@ dnsupdate-refused=0 incoming-notifications=0 key-cache-size=0 meta-cache-size=1 +noerror-packets=1 +nxdomain-packets=1 open-tcp-connections=0 overload-drops=0 -packetcache-size=4 +packetcache-size=7 qsize-q=0 -query-cache-size=4 +query-cache-size=12 rd-queries=0 recursing-answers=0 recursing-questions=0 @@ -52,14 +54,15 @@ tcp6-answers-bytes=132 tcp6-answers=2 tcp6-queries=2 timedout-packets=0 -udp-answers-bytes=264 -udp-answers=4 +udp-answers-bytes=460 +udp-answers=7 udp-do-queries=0 -udp-queries=4 -udp4-answers-bytes=132 -udp4-answers=2 -udp4-queries=2 +udp-queries=7 +udp4-answers-bytes=328 +udp4-answers=5 +udp4-queries=5 udp6-answers-bytes=132 udp6-answers=2 udp6-queries=2 +unauth-packets=1 xfr-queue=0 -- 2.47.2