lost and found ( for me ? )

lost and found ( for me ? )

↑ Grab this Headline Animator

Showing posts with label dnsperf. Show all posts
Showing posts with label dnsperf. Show all posts

install dnsperf 2.1 on CentOS7.2


# uname -ri
3.10.0-327.10.1.el7.x86_64 x86_64

# tail -1 /etc/centos-release
CentOS Linux release 7.2.1511 (Core)
At first, install BIND from source code, which is required to build dnsperf.
  91  tar xzvf bind-9.10.4b2.tar.gz
  92  cd bind-9.10.4b2
  93  ./configure
 100  ./configure
 101  make
 102  make install
install dnsperf
You can download dnsperf at http://nominum.com/measurement-tools
# tar xzvf dnsperf-src-2.1.0.0-1.tar.gz

# cd dnsperf-src-2.1.0.0-1

# sh configure

# make

# make install

# ls /usr/local/bin/*perf*
/usr/local/bin/dnsperf  /usr/local/bin/resperf  /usr/local/bin/resperf-report

No comments:
Labels: ,

install dnsperf 2.0 on Ubuntu13.04 64bit



# tail -1 /etc/lsb-release ;uname -ri
DISTRIB_DESCRIPTION="Ubuntu 13.04"
3.8.0-27-generic x86_64



download dnsperf from http://www.nominum.com/support/measurement-tools/
download BIND source from www.isc.org
install required packages to build dnsperf.
# apt-get install libbind-dev build-essential dnsutils bind9 libpcap-dev tshark libxml2-dev libssl-dev libcap-dev tshark
to build dnsperf, you need hmacsha.h
# locate hmacsha.h
/usr/include/isc/hmacsha.h
Some distributions do not include hmacsha.h when installing bind via its package manager.
If you have not found hmacsha.h, download BIND source code from www.isc.org and use hmacsh.h in BIND source code.
In case of Ubuntu13.04, you will not get hmacsha.h form BIND source code if you install bind9 via apt-get.
# cp bind-9.9.3-P2/lib/isc/include/isc/hmacsha.h /usr/include/isc/
build dnsperf
error..
# tar xzvf dnsperf-src-2.0.0.0-1.tar.gz

# sh configure

# make
gcc -g -O2 -I/usr/include -D_REENTRANT -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DHAVE_LIBNSL=1 -DHAVE_PTHREAD=1 -pthread -c dnsperf.c
In file included from dnsperf.c:56:0:
/usr/include/isc/file.h:28:22: fatal error: isc/stat.h: No such file or directory
compilation terminated.
nn, quick and dirty solution on this is getting stat.h from BIND source and copying it to /usr/include/isc directory.
# cp bind-9.9.3-P2/lib/isc/unix/include/isc/stat.h /usr/include/isc
try again.
nn, another error.
# sh configure

# make
gcc -pthread dnsperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2  -lm -o dnsperf
/usr/bin/ld: cannot find -lgssapi_krb5
/usr/bin/ld: cannot find -lkrb5
/usr/bin/ld: cannot find -lk5crypto
/usr/bin/ld: cannot find -lcom_err
collect2: error: ld returned 1 exit status
make: *** [dnsperf] Error 1
okay, again, quick and dirty solution.
# locate gssapi_krb5
/usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
/usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2.2

# ln -s /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2 /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so

# ln -s /usr/lib/x86_64-linux-gnu/libkrb5.so.3 /usr/lib/x86_64-linux-gnu/libkrb5.so

# ln -s /usr/lib/x86_64-linux-g
nu/libk5crypto.so.3 /usr/lib/x86_64-linux-gnu/libk5crypto.so

# ln -s /lib/x86_64-linux-gnu/libcom_err.so.2 /lib/x86_64-linux-gnu/libcom_err.so
try again
# sh configure

# make
gcc -pthread dnsperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2  -lm -o dnsperf
gcc -g -O2 -I/usr/include -D_REENTRANT -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DHAVE_LIBNSL=1 -DHAVE_PTHREAD=1 -pthread -c resperf.c
gcc -pthread resperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2  -lm -o resperf

# make install
mkdir -p /usr/local/bin
mkdir -p /usr/local/share/man/man1
/usr/bin/install -c  dnsperf /usr/local/bin
/usr/bin/install -c  resperf /usr/local/bin
/usr/bin/install -c  resperf-report /usr/local/bin
/usr/bin/install -c -m 644  dnsperf.1 /usr/local/share/man/man1
/usr/bin/install -c -m 644  resperf.1 /usr/local/share/man/man1
root@ubuntu-1:/home/hattori/dnsperf-src-2.0.0.0-1#
# /usr/local/bin/dnsperf -h
DNS Performance Testing Tool
Nominum Version 2.0.0.0

Usage: dnsperf [-f family] [-s server_addr] [-p port] [-a local_addr]
              [-x local_port] [-d datafile] [-c clients] [-n maxruns]
              [-l timelimit] [-b buffer_size] [-t timeout] [-e] [-D]
              [-y [alg:]name:secret] [-q num_queries] [-Q max_qps]
              [-S stats_interval] [-u] [-v] [-h]

No comments:
Labels: ,

CentOS 6.3 64 bit : install dnsperf from source code

dnsperf is a DNS stressing tool provided by Nominum.
dnsperf is similar to queryperf in which included BIND source packages.

As for CentOS4,5,6 32bit ver , there are RPM packages , however there are no RPM packages for 64bit OSes.
http://www.nominum.com/support/measurement-tools/

So I’ll build dnsperf from source code.
# uname –ri
2.6.32-279.11.1.el6.x86_64 x86_64

# cat /etc/centos-release
CentOS release 6.3 (Final)


[ logs when building dnsperf including trial and error ]

download dnsperf-src-2.0.0.0-1.tar.gz from http://www.nominum.com/support/measurement-tools/
# tar xzvf dnsperf-src-2.0.0.0-1.tar.gz
# cd dnsperf-src-2.0.0.0-1


To build dnssperf , BIND 9.4 or greater has been installed , including library and header files. ( please check README file )

install bind , bind library , bind header files , gcc and make with yum
# yum install -ybind bind-devel bind-libs
# yum install make gcc –y


build dnsperf
# sh configure


error.. dns.c:46:25: error: isc/hmacsha.h: No such file or directory
# make
gcc -g -O2 -I/usr/include -D_REENTRANT -DDIG_SIGCHASE -D_GNU_SOURCE -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DHAVE_LIBNSL=1 -DHAVE_PTHREAD=1 -pthread -c dnsperf.c
gcc -g -O2 -I/usr/include -D_REENTRANT -DDIG_SIGCHASE -D_GNU_SOURCE -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DHAVE_LIBNSL=1 -DHAVE_PTHREAD=1 -pthread -c datafile.c
gcc -g -O2 -I/usr/include -D_REENTRANT -DDIG_SIGCHASE -D_GNU_SOURCE -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DHAVE_LIBNSL=1 -DHAVE_PTHREAD=1 -pthread -c dns.c
dns.c:46:25: error: isc/hmacsha.h: No such file or directory
dns.c:96: error: expected specifier-qualifier-list before 'isc_hmacsha1_t'
dns.c: In function 'perf_dns_parsetsigkey':
dns.c:246: error: 'ISC_SHA1_DIGESTLENGTH' undeclared (first use in this function)
dns.c:246: error: (Each undeclared identifier is reported only once
dns.c:246: error: for each function it appears in.)
dns.c:248: error: 'ISC_SHA224_DIGESTLENGTH' undeclared (first use in this function)
dns.c:250: error: 'ISC_SHA256_DIGESTLENGTH' undeclared (first use in this function)
dns.c:252: error: 'ISC_SHA384_DIGESTLENGTH' undeclared (first use in this function)
dns.c:254: error: 'ISC_SHA512_DIGESTLENGTH' undeclared (first use in this function)
dns.c: In function 'hmac_init':
dns.c:344: error: 'hmac_ctx_t' has no member named 'hmacsha1'
dns.c:347: error: 'hmac_ctx_t' has no member named 'hmacsha224'
dns.c:350: error: 'hmac_ctx_t' has no member named 'hmacsha256'
dns.c:353: error: 'hmac_ctx_t' has no member named 'hmacsha384'
dns.c:356: error: 'hmac_ctx_t' has no member named 'hmacsha512'
dns.c: In function 'hmac_update':
dns.c:370: error: 'hmac_ctx_t' has no member named 'hmacsha1'
dns.c:373: error: 'hmac_ctx_t' has no member named 'hmacsha224'
dns.c:376: error: 'hmac_ctx_t' has no member named 'hmacsha256'
dns.c:379: error: 'hmac_ctx_t' has no member named 'hmacsha384'
dns.c:382: error: 'hmac_ctx_t' has no member named 'hmacsha512'
dns.c: In function 'hmac_sign':
dns.c:396: error: 'hmac_ctx_t' has no member named 'hmacsha1'
dns.c:399: error: 'hmac_ctx_t' has no member named 'hmacsha224'
dns.c:402: error: 'hmac_ctx_t' has no member named 'hmacsha256'
dns.c:405: error: 'hmac_ctx_t' has no member named 'hmacsha384'
dns.c:408: error: 'hmac_ctx_t' has no member named 'hmacsha512'
dns.c: In function 'add_tsig':
dns.c:427: error: 'ISC_SHA256_DIGESTLENGTH' undeclared (first use in this function)
make: *** [dns.o] Error 1


Seen from README , it describes:
  Note: many versions of bind do not correctly install the <isc/hmacsha.h>
  header file, so if the compilation fails, obtain this file from the BIND
  source distribution, and install it in the appropriate place.


where is “hmacsha.h” header file ?
# rpm -ql `rpm -qa | grep bind-devel` | grep hmac
/usr/include/isc/hmacmd5.h
#


nn , hmacsha.h has not been installed..

download bind-9.9.2.tar.gz from www.isc.org and copy hmacsha.h file to /usr/include/isc directory.
# bind-9.9.2.tar.gz
# tar xzvf bind-9.9.2.tar.gz
# cp bind-9.9.2/lib/isc/include/isc/hmacsha.h /usr/include/isc/


try again
# sh configure


error .
# make
gcc -pthread dnsperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2 -lz -lm  -lm -o dnsperf
/usr/bin/ld: cannot find -lgssapi_krb5
collect2: ld returned 1 exit status
make: *** [dnsperf] Error 1


where is “lgssapi_krb5” ?
# locate gssapi_krb5
/lib64/libgssapi_krb5.so.2
/lib64/libgssapi_krb5.so.2.2


make a symbolic link.
# ln -s /lib64/libgssapi_krb5.so.2.2 /usr/lib64/libgssapi_krb5.so

# ls -l /usr/lib64/libgssapi_krb5.so
lrwxrwxrwx 1 root root 28 Oct 31 21:59 /usr/lib64/libgssapi_krb5.so -> /lib64/libgssapi_krb5.so.2.2


error
# make
gcc -pthread dnsperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2 -lz -lm  -lm -o dnsperf
/usr/bin/ld: cannot find -lcrypto
collect2: ld returned 1 exit status
make: *** [dnsperf] Error 1

# ln -s /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so


error
# make
gcc -pthread dnsperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2 -lz -lm  -lm -o dnsperf
/usr/bin/ld: cannot find -lcap
collect2: ld returned 1 exit status
make: *** [dnsperf] Error 1

# yum install libcap-devel

# make
gcc -pthread dnsperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2 -lz -lm  -lm -o dnsperf
/usr/bin/ld: cannot find -lxml2
collect2: ld returned 1 exit status
make: *** [dnsperf] Error 1

# yum install libxml2-devel -y

# sh configure

# make
gcc -pthread dnsperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2 -lz -lm  -lm -o dnsperf
gcc -g -O2 -I/usr/include -D_REENTRANT -DDIG_SIGCHASE -D_GNU_SOURCE -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DHAVE_LIBNSL=1 -DHAVE_PTHREAD=1 -pthread -c resperf.c
gcc -pthread resperf.o  libperf.a -lnsl  -L/usr/lib -lbind9 -ldns -lgssapi_krb5 -lcrypto -lisccfg -lisc -ldl -lcap -lpthread -lxml2 -lz -lm  -lm -o resperf

# make install
mkdir -p /usr/local/bin
mkdir -p /usr/local/share/man/man1
/usr/bin/install -c  dnsperf /usr/local/bin
/usr/bin/install -c  resperf /usr/local/bin
/usr/bin/install -c  resperf-report /usr/local/bin
/usr/bin/install -c -m 644  dnsperf.1 /usr/local/share/man/man1
/usr/bin/install -c -m 644  resperf.1 /usr/local/share/man/man1


Okay , get things done :D
3 comments:
Labels: , , ,

dnsperf : DNS Dynamic Update ( DDNS )

dnsperf ってツールで DDNS の負荷もかけられるみたい。

- dnsperf

http://www.nominum.com/resources/measurement-tools

dnsperfって、queryperf の派生なのかなー。
queryperf で DDNSの負荷はかけられないみたい。

まずはDDNSの設定。TSIGなしのちょーシンプル設定

# named -v
BIND 9.7.1-P2

zone "example.com." {
       type master;
       file "example.com.zone";
       allow-update { 0.0.0.0/0; };
};

# less /var/named/example.com.zone
$ORIGIN .
$TTL 3600       ; 1 hour
example.com             IN SOA  ns1.example.com. admin.example.com. (
                               2010090204 ; serial
                               3600       ; refresh (1 hour)
                               3600       ; retry (1 hour)
                               3600       ; expire (1 hour)
                               3600       ; minimum (1 hour)
                               )
                       NS      ns1.example.com.
                       NS      ns2.example.com.
$ORIGIN example.com.
host1                   A       192.168.1.1
host10                  A       192.168.1.10
host2                   A       192.168.1.2
host3                   A       192.168.1.3
host4                   A       192.168.1.4
host5                   A       192.168.1.5
host6                   A       192.168.1.6
host7                   A       192.168.1.7
host8                   A       192.168.1.8
host9                   A       192.168.1.9
ns1                     A       10.0.0.1
ns2                     A       10.0.0.2

[ nsupdate で DDNSできるかチェック。]

# nsupdate
> server 127.1
> update add aa.example.com. 300 a 2.2.2.2
> send
> quit

アップデートできた。

hat2 named[4039]: client 127.0.0.1#48578: updating zone 'example.com/IN': adding an RR at 'aa.example.com' A
hat2 named[4039]: zone example.com/IN: sending notifies (serial 2010090205)

# dig @127.1 aa.example.com

; <<>> DiG 9.7.1-P2 <<>> @127.1 aa.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11219
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;aa.example.com.                        IN      A

;; ANSWER SECTION:
aa.example.com.         300     IN      A       2.2.2.2

[ dnsperf を使ってDDNS ]

# man dnsperf に、書式の説明がある。

-- man dnsperf 抜粋

 CONSTRUCTING A DYNAMIC UPDATE INPUT FILE
      To test dynamic update performance, dnsperf is run with the -u option, and
      the input file is constructed of blocks of lines describing dynamic update
      messages.  The first line in a block contains the zone name:

                      example.com

      Subsequent  lines  contain prerequisites, if there are any.  Prerequisites
      can specify that a name may or may not exist, an  rrset  may  or  may  not
      exist,  or  an  rrset exists and its rdata matches all specified rdata for
      that name and type. The keywords "require" and "prohibit" are followed  by
      the appropriate information. All relative names are considered to be rela-
      tive to the zone name. The following lines show the 5 types  of  prerequi-
      sites.

                      require a
                      require a A
                      require a A 1.2.3.4
                      prohibit x
                      prohibit x A

      Subsequent  lines  contain  records  to  be  added, records to be deleted,
      rrsets to be deleted, or names  to  be  deleted.  The  keywords  "add"  or
      "delete"  are  followed by the appropriate information. All relative names
      are considered to be relative to the zone name. The following  lines  show
      the 4 types of updates.

                      add x 3600 A 10.1.2.3
                      delete y A 10.1.2.3
                      delete z A
                      delete w

      Each update message is terminated by a line containing the command:

                      send

--

これにならって、下記の簡単なファイルを用意

# cat ddns.txt
example.com
add x 3600 a 10.1.2.3
send

x.example.com を追加

エラーが。。。

# dnsperf -s 127.1 -d ddns.txt

DNS Performance Testing Tool

Nominum Version 1.0.1.0

[Status] Processing input data
Invalid query input format: example.com
Invalid query type: x 3600 a 10.1.2.3
Invalid query input format: send
Input file contains no queries.

-u オプションが必要みたい。

     -u     Instructs dnsperf to send DNS dynamic update messages, rather  than
             queries.  The  format  of the input file is different in this case;
             see the "Constructing a dynamic update input file" section for more
             details.

again

できた。

# dnsperf -s 127.1 -d ddns.txt -u

DNS Performance Testing Tool

Nominum Version 1.0.1.0

[Status] Processing input data
[Status] Sending updates (to 127.0.0.1)
[Status] Testing complete

Statistics:

 Parse input file:     once
 Ended due to:         reaching end of file

 Updates sent:         1 updates
 Updates completed:    1 updates
 Updates lost:         0 updates

 Avg request size:     47 bytes
 Avg response size:    12 bytes

 Percentage completed: 100.00%
 Percentage lost:        0.00%

hat2 named[4039]: client 127.0.0.1#58373: updating zone 'example.com/IN': adding an RR at 'x.example.com' A
hat2 named[4039]: zone example.com/IN: sending notifies (serial 2010090206)

# dig @127.1 x.example.com

; <<>> DiG 9.7.1-P2 <<>> @127.1 x.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64389
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;x.example.com.                 IN      A

;; ANSWER SECTION:
x.example.com.          3600    IN      A       10.1.2.3

delete もできる。

# cat ddns_delete.txt
example.com
delete x
send

# dnsperf -s 127.1 -d ddns_delete.txt -u

hat2 named[4039]: client 127.0.0.1#58980: updating zone 'example.com/IN': delete all rrsets from name 'x.example.com'
hat2 named[4039]: zone example.com/IN: sending notifies (serial 2010090207)

[ TSIG でのアップデートもテストできるのかな?? ]

TSIGの設定

# dnssec-keygen -a HMAC-MD5 -b 512 -n HOST example.com
Kexample.com.+157+03859

# ls Kexample.com.+157+03859.*
Kexample.com.+157+03859.key  Kexample.com.+157+03859.private

HMAC-MD5 を使用しているので鍵フレーズは *.key も *.private も同じ。
どっちを使ってもOK

# cat Kexample.com.+157+03859.* | grep -i key
example.com. IN KEY 512 3 157 MRdMjVnB9H4P1iMiUVlm9TpAyHITXHfZWeB96I+Lff4CX+ENsm75wYs5 JXrAqix7G+ok3HW1Kf/y+7+eUm7MEw==
Private-key-format: v1.3
Key: MRdMjVnB9H4P1iMiUVlm9TpAyHITXHfZWeB96I+Lff4CX+ENsm75wYs5JXrAqix7G+ok3HW1Kf/y+7+eUm7MEw==

- named.conf

key "example.com" {
       algorithm hmac-md5;
       secret "MRdMjVnB9H4P1iMiUVlm9TpAyHITXHfZWeB96I+Lff4CX+ENsm75wYs5JXrAqix7G+ok3HW1Kf/y+7+eUm7MEw==";
};

zone "example.com." {
       type master;
       file "example.com.zone";
       allow-update { key example.com; };
};

nsupdate で動作チェック ( OK )

# nsupdate -k Kexample.com.+157+03859.key
> server 127.1
> update add hello.example.com. 300 a 1.1.1.1
> send
> quit

hat2 named[4261]: client 127.0.0.1#44715: updating zone 'example.com/IN': adding an RR at 'hello.example.com' A
hat2 named[4261]: zone example.com/IN: sending notifies (serial 2010090208)

# dig @127.1 hello.example.com

; <<>> DiG 9.7.1-P2 <<>> @127.1 hello.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62949
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;hello.example.com.             IN      A

;; ANSWER SECTION:
hello.example.com.      300     IN      A       1.1.1.1

dnsperf でもできたー

# cat ddns.txt
example.com
add x 3600 a 10.1.2.3
send

# dnsperf -s 127.1 -d ddns.txt -u -y "example.com:MRdMjVnB9H4P1iMiUVlm9TpAyHI
TXHfZWeB96I+Lff4CX+ENsm75wYs5 JXrAqix7G+ok3HW1Kf/y+7+eUm7MEw=="

DNS Performance Testing Tool

Nominum Version 1.0.1.0

[Status] Processing input data
[Status] Sending updates (to 127.0.0.1)
[Status] Testing complete

Statistics:

 Parse input file:     once
 Ended due to:         reaching end of file

 Updates sent:         1 updates
 Updates completed:    1 updates
 Updates lost:         0 updates

hat2 named[4261]: client 127.0.0.1#33122: updating zone 'example.com/IN': adding an RR at 'x.example.com' A
hat2 named[4261]: zone example.com/IN: sending notifies (serial 2010090210)

# dig @127.1 x.example.com

; <<>> DiG 9.7.1-P2 <<>> @127.1 x.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32681
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;x.example.com.                 IN      A

;; ANSWER SECTION:
x.example.com.          3600    IN      A       10.1.2.3

deleteもできた

# cat ddns_delete.txt
example.com
delete x
send

hat2 named[4261]: client 127.0.0.1#34341: updating zone 'example.com/IN': delete all rrsets from name 'x.example.com'
hat2 named[4261]: zone example.com/IN: sending notifies (serial 2010090211)

# dnsperf -s 127.1 -d ddns_delete.txt -u -y "example.com:MRdMjVnB9H4P1iMiUVlm
9TpAyHITXHfZWeB96I+Lff4CX+ENsm75wYs5 JXrAqix7G+ok3HW1Kf/y+7+eUm7MEw=="

これでDDNSの負荷試験ができそう。

DDNSでアップデートした情報はすぐにゾーンファイルには反映されず、ジャーナルファイルに記録される。

# ls example.com.zone*
example.com.zone  example.com.zone.jnl
No comments:
Labels: , ,
Subscribe to: Posts (Atom)