Changes between revisions of "Teste"

From BrByte Wiki
Linha 1: Linha 1:
Os '''‘Root-Servers‘''' são servidores distribuídos globalmente e que '''são vitais para o funcionamento do serviço de DNS'''. Eles operam a ‘Root Zone‘ ou Zona Raiz, que é responsável por responder pelas requisições dos '''TLDs – Top Level Domains''' ou domínios de topo.
+
=PAGINA DE TESTES=
  
Também chamados de''' ‘Servidores Raiz’''', eles são o conjunto de servidores espalhados globalmente e os responsáveis pela autoridade da ‘Root Zone‘ ou ‘Zona Raiz’ – que é a tabela com toda a lista dos '''TLDs – Top Level Domains''' ou ‘Domínios de Topo’.
+
=Configurações DNS=
  
Esta tabela contém o próximo nível de delegação na hierarquia de nomes, pois é ela quem guarda a relação de todos os servidores autoritativos para cada um dos '''TLDs''' existentes. É esta resposta que permite um servidor de '''DNS recursivo''' continuar realizando sucessivas queries até chegar no servidor autoritativo para o domínio procurado.
+
num-threads: <number>
 +
              The  number  of threads to create to serve clients. Use 1 for no threading.
  
Genericamente, um''' TLD''' pode ser entendido como o último termo a direita de um domínio. Ele pode representar (entre outras possibilidades), um código de país (ccTLD ou country-code Top Level Domain), com o ‘.br’, ‘.ca’, etc.
 
  
 +
edns-buffer-size: <number>
 +
              Number  of bytes size to advertise as the EDNS reassembly buffer size.  This is the value put into  datagrams  over  UDP  towards peers.  The actual buffer size is determined by msg-buffer-size (both for TCP and UDP).  Do not  set  higher  than  that  value. Default  is 4096 which is RFC recommended.  If you have fragmentation reassembly problems, usually seen  as  timeouts,  then  a value of 1480 can fix it.  Setting to 512 bypasses even the most stringent path MTU problems, but is seen as extreme,  since  the amount of TCP fallback generated is excessive (probably also for this resolver, consider tuning the outgoing tcp number).
  
=Aplicativo=
 
  
É possível monitorar os status dos '''root servers''', através da distancia, latência e perda.
+
msg-buffer-size: <number>
 +
              Number  of  bytes  size of the message buffers. Default is 65552 bytes, enough for 64 Kb packets, the maximum DNS  message  size. No  message  larger  than  this  can be sent or received. Can be reduced to use less memory, but some requests for DNS data, such as for huge resource records, will result in a SERVFAIL reply to the client.
  
<div class="img-responsive align-center">[[Arquivo:BrbyteDnsRootServers.png|link=]]</div>
 
  
 +
msg-cache-slabs: <number>
 +
              Number  of  slabs  in  the message cache. Slabs reduce lock contention by threads.  Must be  set  to  a  power  of  2.  Setting (close) to the number of cpus is a reasonable guess.
  
==DNS Root Stats==
 
  
Aqui é possível verificar os gráficos de monitoramento dos '''root servers'''.
+
jostle-timeout: <msec>
 +
              Timeout used when the server is very busy.  Set to a value  that usually  results  in one roundtrip to the authority servers.  If too many queries arrive, then 50% of the queries are allowed  to run  to  completion, and the other 50% are replaced with the new incoming query if  they  have  already  spent  more  than  their allowed  time.  This protects against denial of service by slow queries or high query rates.  Default  200  milliseconds.  The effect  is  that the qps for long-lasting queries is about (num- queriesperthread / 2) / (average time  for  such  long  queries) qps.  The  qps  for  short  queries  can  be about (numqueries-perthread / 2)  / (jostletimeout  in  whole  seconds)  qps  per thread, about (1024/2)*5 = 2560 qps by default.
  
 +
rrset-cache-size: <number>
 +
              Number of bytes size of the RRset cache. Default is 4 megabytes. A  plain  number  is  in bytes, append 'k', 'm' or 'g' for kilobytes, megabytes or gigabytes (1024*1024 bytes in a megabyte).
  
*'''Latência''' : Gráfico do '''tempo de resposta''', o método usado para verificar a latência é o '''ping (icmp)'''.
 
  
<div class="img-responsive align-center">[[Arquivo:BrbyteDnsRootStatsLatencia.png|link=]]</div>
+
cache-max-ttl: <seconds>
 +
              Time  to  live  maximum  for  RRsets  and messages in the cache. Default is 86400 seconds (1  day).  If  the  maximum  kicks  in, responses  to  clients  still get decrementing TTLs based on the original (larger) values.  When the internal  TTL  expires,  the cache  item has expired.  Can be set lower to force the resolver to query for data often, and not trust (very large) TTL values.
  
  
*'''Loss''': Gráfico da porcentagem de perdas de pacotes, provenientes das tentativas de verificar latência com o''' ping (icmp)'''.
+
max-udp-size: <number>
 +
              Maximum UDP response size (not applied to TCP response).  65536 disables the udp response size maximum, and uses the choice from the client, always.  Suggested values are 512 to  4096.  Default is 4096.
  
<div class="img-responsive align-center">[[Arquivo:BrbyteDnsRootStatsLoss.png|link=]]</div>
 
  
 +
msg-cache-size: <number>
 +
              Number of  bytes  size  of  the  message  cache.  Default  is  4 megabytes.  A  plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, megabytes or  gigabytes  (1024*1024  bytes  in  a megabyte).
  
*'''Distance''': Gráfico da distancia entre o seu servidor e o root servers, é mostrado em saltos (quantidade de roteadores até chegar ao destino).
 
  
<div class="img-responsive align-center">[[Arquivo:BrbyteDnsRootStatsDistance.png|link=]]</div>
+
num-queries-per-thread: <number>
 +
              The  number of queries that every thread will service simultaneously.  If more queries  arrive  that  need  servicing,  and  no queries  can  be  jostled  out  (see  jostle-timeout),  then the queries are dropped. This forces the client to  resend  after  a timeout;  allowing  the  server  time  to  work  on the existing queries. Default depends on compile options, 512 or 1024.
  
  
* '''Filtros'''
+
delay-close: <msec>
** '''Hoje:''' Gráfico do dia atual.
+
              Extra  delay  for timeouted UDP ports before they are closed, in msec.  Default is 0, and that disables it. This  prevents  very delayed  answer  packets  from  the upstream (recursive) servers from bouncing against closed ports and setting off all  sort  of close-port  counters,  with eg. 1500 msec. When timeouts happen you need extra sockets, it checks the ID and remote IP of  packets,  and  unwanted  packets  are  added  to the unwanted packet counter.
** '''Essa semana:''' Gráfico da semana corrente.
 
** '''Esse mês:''' Gráfico do mês atual.
 
** '''Mês passado:''' Gráfico de do mês anterior.
 
  
  
* '''Filtrar por data:''' Clicando na seta ([[Arquivo:icon16ArrowR.png|link=]]) podemos escolher data inicial e final para o sistema gerar gráficos de um determinado período, após preencher as datas, clique na lupa ([[Arquivo:icon16Search.png|link=]]).
+
rrset-cache-slabs: <number>
 +
              Number of slabs in the RRset cache. Slabs reduce lock contention by threads.  Must be set to a power of 2.
 +
 
 +
cache-min-ttl: <seconds>
 +
              Time to live minimum for  RRsets  and  messages  in  the  cache. Default  is  0.  If the minimum kicks in, the data is cached for longer than the domain owner intended, and thus less queries are made to look up the data.  Zero makes sure the data in the cache is as the domain owner intended, higher values, especially  more than an hour or so, can lead to trouble as the data in the cache does not match up with the actual data any more.
 +
 
 +
 
 +
root-hints: <filename>
 +
              Read the root hints from this file. Default  is  nothing,  using builtin  hints for the IN class. The file has the format of zone files, with  root  nameserver  names  and  addresses  only.  The default  may  become outdated, when servers change, therefore it is good practice to use a root-hints file.
 +
 
 +
 
 +
auto-trust-anchor-file: <filename>
 +
              File  with  trust  anchor  for  one  zone, which is tracked with RFC5011 probes. The probes are several times  per  month, thus the  machine must be online frequently.  The initial file can be one with contents as described in trust-anchor-file.  The  file is  written  to  when the anchor is updated, so the unbound user must have write permission.  Write permission to the  file, but also  to  the  directory  it  is in (to create a temporary file, which is necessary to deal with filesystem full events).
 +
 
 +
 
 +
prefetch: <yes or no>
 +
              If yes, message cache elements are prefetched before they expire to keep the cache up to date.  Default is  no.  Turning  it  on gives about 10 percent more traffic and load on the machine, but popular items do not expire from the cache.
 +
 
 +
 
 +
prefetch-key: <yes or no>
 +
              If yes, fetch the DNSKEYs earlier  in  the  validation  process, when  a  DS  record  is encountered.  This lowers the latency of requests.  It does use a little more CPU.  Also if the cache  is set to 0, it is no use. Default is no.
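Review bot: in the added jostle-timeout text the option names are broken by the paste, "(num- queriesperthread / 2)" and "(numqueries-perthread / 2) / (jostletimeout in whole seconds)"; write them as num-queries-per-thread and jostle-timeout so they match the entry headings added in this same edit. The added lines also take the place of the Root-Servers description, the three graph sections and their image links; if that content is still wanted, the option reference belongs under its own heading after it rather than in its place.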

Revision as of 08:13, 12 August 2016

TEST PAGE

DNS Settings

num-threads: <number>

             The number of threads to create to serve clients. Use 1 for no threading.


edns-buffer-size: <number>

             Number of bytes size to advertise as the EDNS reassembly buffer size. This is the value put into datagrams over UDP towards peers. The actual buffer size is determined by msg-buffer-size (both for TCP and UDP). Do not set higher than that value. Default is 4096 which is RFC recommended. If you have fragmentation reassembly problems, usually seen as timeouts, then a value of 1480 can fix it. Setting to 512 bypasses even the most stringent path MTU problems, but is seen as extreme, since the amount of TCP fallback generated is excessive (probably also for this resolver, consider tuning the outgoing tcp number).


msg-buffer-size: <number>

             Number of bytes size of the message buffers. Default is 65552 bytes, enough for 64 Kb packets, the maximum DNS message size. No message larger than this can be sent or received. Can be reduced to use less memory, but some requests for DNS data, such as for huge resource records, will result in a SERVFAIL reply to the client.


msg-cache-slabs: <number>

             Number of slabs in the message cache. Slabs reduce lock contention by threads. Must be set to a power of 2. Setting (close) to the number of cpus is a reasonable guess.


jostle-timeout: <msec>

             Timeout used when the server is very busy. Set to a value that usually results in one roundtrip to the authority servers. If too many queries arrive, then 50% of the queries are allowed to run to completion, and the other 50% are replaced with the new incoming query if they have already spent more than their allowed time. This protects against denial of service by slow queries or high query rates. Default 200 milliseconds. The effect is that the qps for long-lasting queries is about (num-queries-per-thread / 2) / (average time for such long queries) qps. The qps for short queries can be about (num-queries-per-thread / 2) / (jostle-timeout in whole seconds) qps per thread, about (1024/2)*5 = 2560 qps by default.

rrset-cache-size: <number>

             Number of bytes size of the RRset cache. Default is 4 megabytes. A plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, megabytes or gigabytes (1024*1024 bytes in a megabyte).


cache-max-ttl: <seconds>

             Time to live maximum for RRsets and messages in the cache. Default is 86400 seconds (1 day). If the maximum kicks in, responses to clients still get decrementing TTLs based on the original (larger) values. When the internal TTL expires, the cache item has expired. Can be set lower to force the resolver to query for data often, and not trust (very large) TTL values.


max-udp-size: <number>

             Maximum UDP response size (not applied to TCP response). 65536 disables the udp response size maximum, and uses the choice from the client, always. Suggested values are 512 to 4096. Default is 4096.


msg-cache-size: <number>

             Number of bytes size of the message cache. Default is 4 megabytes. A plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, megabytes or gigabytes (1024*1024 bytes in a megabyte).


num-queries-per-thread: <number>

             The number of queries that every thread will service simultaneously. If more queries arrive that need servicing, and no queries can be jostled out (see jostle-timeout), then the queries are dropped. This forces the client to resend after a timeout; allowing the server time to work on the existing queries. Default depends on compile options, 512 or 1024.


delay-close: <msec>

             Extra delay for timeouted UDP ports before they are closed, in msec. Default is 0, and that disables it. This prevents very delayed answer packets from the upstream (recursive) servers from bouncing against closed ports and setting off all sort of close-port counters, with eg. 1500 msec. When timeouts happen you need extra sockets, it checks the ID and remote IP of packets, and unwanted packets are added to the unwanted packet counter.


rrset-cache-slabs: <number>

             Number of slabs in the RRset cache. Slabs reduce lock contention by threads. Must be set to a power of 2.

cache-min-ttl: <seconds>

             Time to live minimum for RRsets and messages in the cache. Default is 0. If the minimum kicks in, the data is cached for longer than the domain owner intended, and thus less queries are made to look up the data. Zero makes sure the data in the cache is as the domain owner intended, higher values, especially more than an hour or so, can lead to trouble as the data in the cache does not match up with the actual data any more.


root-hints: <filename>

             Read the root hints from this file. Default is nothing, using builtin hints for the IN class. The file has the format of zone files, with root nameserver names and addresses only. The default may become outdated, when servers change, therefore it is good practice to use a root-hints file.


auto-trust-anchor-file: <filename>

             File with trust anchor for one zone, which is tracked with RFC5011 probes. The probes are several times per month, thus the machine must be online frequently. The initial file can be one with contents as described in trust-anchor-file. The file is written to when the anchor is updated, so the unbound user must have write permission. Write permission to the file, but also to the directory it is in (to create a temporary file, which is necessary to deal with filesystem full events).


prefetch: <yes or no>

             If yes, message cache elements are prefetched before they expire to keep the cache up to date. Default is no. Turning it on gives about 10 percent more traffic and load on the machine, but popular items do not expire from the cache.


prefetch-key: <yes or no>

             If yes, fetch the DNSKEYs earlier in the validation process, when a DS record is encountered. This lowers the latency of requests. It does use a little more CPU. Also if the cache is set to 0, it is no use. Default is no.
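
The constraints spelled out in the option descriptions above (slabs must be a power of 2, edns-buffer-size must not exceed msg-buffer-size, a cache-min-ttl above an hour causes trouble, the k/m/g size suffixes, and the short-query qps estimate under jostle-timeout) can be checked mechanically before a configuration is deployed. The following is an added example, not code from this wiki or from the Unbound project; the function names and the sample configuration are constructed for illustration.

```python
import re

# Defaults quoted from the option text; 1024 is one of the two compile-time values.
DEFAULTS = {"edns-buffer-size": "4096", "msg-buffer-size": "65552",
            "jostle-timeout": "200", "num-queries-per-thread": "1024",
            "cache-min-ttl": "0", "msg-cache-size": "4m", "rrset-cache-size": "4m"}
SUFFIX = {"k": 1024, "m": 1024 ** 2, "g": 1024 ** 3}

def parse_size(text):
    """Plain number is bytes; 'k', 'm', 'g' scale by powers of 1024."""
    m = re.fullmatch(r"(\d+)([kmg]?)", text.strip().lower())
    if not m:
        raise ValueError(f"bad size: {text!r}")
    return int(m.group(1)) * SUFFIX.get(m.group(2), 1)

def parse_conf(text):
    """Collect 'option: value' pairs over the defaults; skip comments and 'server:'."""
    opts = dict(DEFAULTS)
    for line in text.splitlines():
        key, sep, value = line.split("#", 1)[0].partition(":")
        if sep and value.strip():
            opts[key.strip()] = value.strip()
    return opts

def lint(opts):
    """Findings for the constraints the option descriptions spell out."""
    out = []
    for key in ("msg-cache-slabs", "rrset-cache-slabs"):
        n = int(opts.get(key, 1))
        if n < 1 or n & (n - 1):
            out.append(f"{key}={n} is not a power of 2")
    if int(opts["edns-buffer-size"]) > int(opts["msg-buffer-size"]):
        out.append("edns-buffer-size exceeds msg-buffer-size")
    if int(opts["cache-min-ttl"]) > 3600:
        out.append("cache-min-ttl above one hour risks stale answers")
    return out

def short_query_qps(opts):
    """(num-queries-per-thread / 2) / (jostle-timeout in seconds), per thread."""
    return int(opts["num-queries-per-thread"]) / 2 * 1000 / int(opts["jostle-timeout"])

def cache_bytes(opts):
    """Configured message plus RRset cache memory, in bytes."""
    return parse_size(opts["msg-cache-size"]) + parse_size(opts["rrset-cache-size"])

# Constructed sample with three deliberate mistakes (slabs, buffer sizes, min TTL).
SAMPLE = ("server:\n  msg-cache-slabs: 6\n  rrset-cache-slabs: 4\n"
          "  msg-buffer-size: 4096\n  edns-buffer-size: 8192\n"
          "  cache-min-ttl: 7200  # two hours\n  rrset-cache-size: 64m\n")
FINDINGS = lint(parse_conf(SAMPLE))
```

With the defaults, `short_query_qps` reproduces the 2560 qps per thread figure given in the jostle-timeout description.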