dns 20140705 up_ver
TRANSCRIPT
DNSキャッシュサーバの ベンチマークテスト
大喜多利哉
@toshi__ya
自己紹介
大喜多利哉(Toshiya OKITA)
インフラエンジニア
やったこと
DNSキャッシュサーバのベンチマーク
対象ソフトウェア
BIND(9系)
Unbound
BIND10
試験概要
dnsperfを用いてDNSサーバの負荷試験を実施する。
1)性能測定対象DNSキャッシュサーバを起動させる。
2)dnsperfはfedora19にて動作させる(yumで入れられるから)
3)テストするクエリはdnsperf 付属の/usr/share/dnsperf/queryfile-example-currentを使用する。
4)LAN接続の別サーバからdnsperfで負荷をかけ応答性能(qps)を計測する。
dnsperf -c 4 -s [対象のDNSキャッシュサーバ] -d /usr/share/dnsperf/queryfile-ex
ample-current -l 300
測定結果(BIND9)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.2 -d /usr/share/dnsperf/queryfile-e
xample-current -l 300
・1回目
Statistics:
Queries sent: 43068
Queries completed: 42575 (98.86%)
Queries lost: 493 (1.14%)
Response codes: NOERROR 37393 (87.83%), SERVFAIL 243 (0.57%), NXDOMAIN 4939 (11.60%)
Average packet size: request 38, response 191
Run time (s): 302.889872
Queries per second: 140.562640
Average Latency (s): 0.648839 (min 0.000517, max 19.953430)
Latency StdDev (s): 1.026137
測定結果(BIND9)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.2 -d /usr/share/dnsperf/queryfile-e
xample-current -l 300
・2回目
Statistics:
Queries sent: 72036
Queries completed: 71282 (98.95%)
Queries lost: 754 (1.05%)
Response codes: NOERROR 62628 (87.86%), SERVFAIL 394 (0.55%), NXDOMAIN 8260 (11.59%)
Average packet size: request 38, response 196
Run time (s): 304.263691
Queries per second: 234.277050
Average Latency (s): 0.369285 (min 0.000486, max 19.986270)
Latency StdDev (s): 0.854860
測定結果(unbound)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.3 -d /usr/share/dnsperf/queryfile-ex
ample-current -l 300
・1回目
Statistics:
Queries sent: 29495
Queries completed: 27712 (93.95%)
Queries lost: 1783 (6.05%)
Response codes: NOERROR 24481 (88.34%), NXDOMAIN 3231 (11.66%)
Average packet size: request 38, response 107
Run time (s): 304.349876
Queries per second: 91.053101
Average Latency (s): 0.763535 (min 0.000385, max 19.983903)
Latency StdDev (s): 1.111022
測定結果(unbound)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.3 -d /usr/share/dnsperf/queryfile-ex
ample-current -l 300
・2回目
Statistics:
Queries sent: 32001
Queries completed: 30345 (94.83%)
Queries lost: 1656 (5.17%)
Response codes: NOERROR 26791 (88.29%), SERVFAIL 1 (0.00%), NXDOMAIN 3553 (11.71%)
Average packet size: request 38, response 107
Run time (s): 304.613569
Queries per second: 99.618018
Average Latency (s): 0.718534 (min 0.000379, max 19.974001)
Latency StdDev (s): 1.093917
測定結果(BIND10)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.1 -d /usr/share/dnsperf/queryfile-example-current -l 300
・1回目
Statistics:
Queries sent: 1055394
Queries completed: 1055394 (100.00%)
Queries lost: 0 (0.00%)
Response codes: REFUSED 1055394 (100.00%)
Average packet size: request 38, response 12
Run time (s): 300.027334
Queries per second: 3517.659494
Average Latency (s): 0.028382 (min 0.007305, max 1.679361)
Latency StdDev (s): 0.009061
測定結果(BIND10)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.1 -d /usr/share/dnsperf/queryfile-example-current -l 300
・2回目
Statistics:
Queries sent: 1024380
Queries completed: 1024380 (100.00%)
Queries lost: 0 (0.00%)
Response codes: REFUSED 1024380 (100.00%)
Average packet size: request 38, response 12
Run time (s): 300.032054
Queries per second: 3414.235200
Average Latency (s): 0.029241 (min 0.005491, max 1.437742)
Latency StdDev (s): 0.009248
bind10の設定
- 依存するライブラリ・パッケージのインストール
$ sudo apt-get install build-essential autoconf libtool pkg-config
$ sudo apt-get install zlib1g-dev libssl-dev libexpat1-dev libreadline6-dev
$ sudo apt-get install libboost-all-dev libbotan1.10-dev liblog4cplus-dev ¥
libsqlite3-dev python3-dev
$ sudo apt-get install sqlite3
$ sudo apt-get install python3-setuptools
$ sudo easy_install3 setproctitle
-インストール
$ wget ftp://ftp.isc.org/isc/bind10/1.1.0/bind10-1.1.0.tar.gz
$ tar xzf bind10-1.1.0.tar.gz
$ cd bind10-1.1.0
$ ./configure --prefix=/usr/local
$ make
$ sudo make install
$ sudo /sbin/ldconfig
bind10の設定
-BIND10実行ユーザ作成
$ sudo addgroup --system bind
$ sudo adduser --system --home /usr/local/var/bind10 --no-create-home ¥
--disabled-password --ingroup bind bind
$ sudo chown -R bind:bind /usr/local/etc/bind10
$ sudo chmod -R g+w /usr/local/etc/bind10
$ sudo chown -R bind:bind /usr/local/var/bind10
$ sudo chmod -R g+w /usr/local/var/bind10
-BIND10サービス起動
$ sudo start bind10
bind10 start/running, process 22386
$ ps axf | grep -E '(b|bind)10'
22386 ? Ss 0:00 /usr/local/sbin/bind10
22387 ? S 0:00 ¥_ b10-sockcreator
22388 ? S 0:00 ¥_ b10-msgq
22389 ? S 0:00 ¥_ b10-cfgmgr
22390 ? S 0:00 ¥_ b10-stats
22391 ? Sl 0:00 ¥_ b10-cmdctl
bind10の設定
-リゾルバの設定(bindctl)
> config add Init/components b10-resolver
> config set Init/components/b10-resolver/special resolver
> config set Init/components/b10-resolver/kind needed
> config set Init/components/b10-resolver/priority 10
> config commit
> config add Resolver/listen_on
> config set Resolver/listen_on[2]/address "[ResolverのサーバIP]"
> config set Resolver/listen_on[2]/port 53
> config commit
-接続元許可設定(bindctl)
> config set Resolver/query_acl[1] {"from": "172.17.5.1", "action": "ACCEPT"}
> config commit
再測定結果(BIND10)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.1 -d /usr/share/dnsperf/queryfile-example-current -l 300
・3回目
Statistics:
Queries sent: 32440
Queries completed: 32040 (98.77%)
Queries lost: 400 (1.23%)
Response codes: NOERROR 22773 (71.08%), SERVFAIL 6215 (19.40%), NXDOMAIN 3052 (9.53%)
Average packet size: request 38, response 151
Run time (s): 303.955870
Queries per second: 105.410039
Average Latency (s): 0.877956 (min 0.000532, max 16.027931)
Latency StdDev (s): 1.436406
再測定結果(BIND10)
[root@fedora02 ~]# dnsperf -c 4 -s 172.17.4.1 -d /usr/share/dnsperf/queryfile-example-current -l 300
・4回目
Statistics:
Queries sent: 29588
Queries completed: 29188 (98.65%)
Queries lost: 400 (1.35%)
Response codes: NOERROR 20446 (70.05%), SERVFAIL 6416 (21.98%), NXDOMAIN 2326 (7.97%)
Average packet size: request 38, response 150
Run time (s): 303.924295
Queries per second: 96.037074
Average Latency (s): 0.964430 (min 0.000534, max 16.032233)
Latency StdDev (s): 1.514782
unbound.conf
server:
interface: 0.0.0.0
do-ip6: no
access-control: 172.17.0.0/16 allow
forward-zone:
name: "jp"
#name: "com"
forward-addr: 8.8.8.8
forward-addr: 8.8.4.4