月: 2012年3月

投稿日:

dnsperf で DNS DoS(違) ベンチマーク

大先生に教わりながら仕事で使ったので忘備録

 

0. 検証環境

筐体:IBM System X3550M2
OS:Ubuntu Server 11.10

 

1. 必要そうなパッケージを入れる

mykw# apt-get install bind9utils libbind-dev libkrb5-dev libssl-dev libcap-dev libxml2-dev gnuplot

GNU Plotは resperf-report するときに使うのかな。

2. ソースを拾って展開して make


mykw# wget ftp://ftp.nominum.com/pub/nominum/dnsperf/1.0.1.0/dnsperf-src-1.0.1.0-1.tar.gz

mykw# tar xzf dnsperf-src-1.0.1.0-1.tar.gz && cd dnsperf-src-1.0.1.0-1

mykw# ./configure prefix=/usr/local

mykw# make && make install

 

3. 実行してみる

初めに以下のようなリストを作る

mykw# cat domainlist

www.wktk.so A
yutarommx.com A

 

クエリー飛ばす先と、リストファイル名、実行時間を引数に入れて実行。


mykw# dnsperf -s ${DIST}  -d ${domainlist} -l ${exectime}

mykw# dnsperf -s 192.168.10.139  -d domainlist -l 60

 

ほかにもいろいろオプションがある模様。


mykw# dnsperf –help

DNS Performance Testing Tool

Nominum Version 1.0.1.0

dnsperf: invalid option — ‘-‘

Usage: dnsperf [-d datafile] [-s server_addr] [-p port]
               [-b bufsize] [-f family] [-e] [-D]
               [-y name:secret] [-v] [-A] [-h]
               [-q num_queries] [-t timeout] [-Q max_qps] [-1] [-l limit]
               [-c] [-H histogram_buckets] [-T histogram_seconds] [-u]
  -d specifies the input data file (default: stdin)
  -s sets the server to query (default: 127.0.0.1)
  -p sets the port on which to query the server (default: 53)
  -b set socket send/receive buffer size in kilobytes (default: 32 k)
  -f specify address family of DNS transport, inet or inet6 (default: any)
  -e enable EDNS 0
  -D set the DNSSEC OK bit (implies EDNS)
  -y specifies the TSIG name and secret (no default)
  -A report command-line arguments
  -h print this usage
  -q specifies the maximum number of queries outstanding (default: 20)
  -t specifies the timeout for query completion in seconds (default: 5)
  -Q limit the number of queries per second (no default)
  -1 run through input only once (default: multiple iff limit given)
  -l specifies how a limit for how long to run tests in seconds (no default)
  -c print the number of packets with each rcode
  -H print a response latency histogram with this many buckets
  -T include latencies up to this many seconds in histogram (use with -H)
  -u send dynamic updates instead of queries
  -v verbose: report the RCODE of each response on stdout

 

 5. 実行結果

mykw# dnsperf -s dti.mykw.jp -d domainlist -l 30

DNS Performance Testing Tool

Nominum Version 1.0.1.0

[Status] Processing input data
[Status] Sending queries (to 2001:2e8:603:0:2:1:0:3d)
[Status] Testing complete

Statistics:

Parse input file:     multiple times
Run time limit:       30 seconds
Ran through file:     12836 times

Queries sent:         25672 queries
Queries completed:    25672 queries
Queries lost:         0 queries

Avg request size:     28 bytes
Avg response size:    175 bytes

Percentage completed: 100.00%
Percentage lost:        0.00%

Started at:           Thu Mar 15 02:04:21 2012
Finished at:          Thu Mar 15 02:04:51 2012
Ran for:              30.113407 seconds

Queries per second:   852.510644 qps

mykw#

 

ちなみに、マルチコアな筐体で動かく場合はコア分並行して実行しないと全力投球できない模様。
そのような場合は screen を使うか、シェルスクリプト等で対応する形になるもよう。