About RIPE NCC    
Homepage RIPE NCC  
DNSMON

Not logged in

Login
Next Section Home | IPv4 / IPv6 | Domains | Servers | Probes | Contact | User Guide | About DNSMON    
Next Section

RIPE NCC DNS Monitoring Services

DNSMON User Guide

What is measured?
How are the measurements presented?
What are the benefits of these measurements?
What is not measured?
How to navigate the site.

What is measured?

DNS queries are sent approximately once per minute to DNS root and TLD name servers. The queries are sent from about 80 locations worldwide, with the main concentration of queries coming from the RIPE Region. The elapsed time from sending the query to receiving the answer is measured.

Graph showing Plots Measured by DNSMON
Click here to view the most recent map.

The query types used in our measurements are not typically applied in real name resolution. However both the capability and the time to answer these queries are very similar to the referral queries used in name resolution. The server has to be running and correctly configured to answer our test queries.

Technical implementation
Depending on the make of the nameserver and what we are able to probe during the automated daily configuration update, the nameserver is queried per server for the following:

Querydefault query rate
In the CH (chaos) domain
hostname.bind60 queries per hour
id.server60 queries per hour
version.bind1 query per hour
version.server1 query per hour
In the IN (Internet) domain
SOA4 queries per hour, per domain

The "default query rate" is subject to change as the make of the nameserver depends very much on this.

It is important to accept queries originating from the TTM network to the targeted nameservers. Failure to do so will result in too few measurements to be available for processing.

Although it will hamper anycast reporting and likewise, you are free to obfuscate the results from the CH queries if this is a concern to you.

When are plots visible
DNSMon requires a minimal amount of recorded data points in order to plot a graph. This is also why it may take some time before a graph is displayed after including a nameserver in DNSMon. Listed here are the criteria that makes a plot visible.

Per domain:
For a domain to be plotted all nameservers serving that domain must
  • have been actively measured by at least five probes each
  • have less than 1% measurement gaps for the given time period each
Per server:
For a server to be plotted it must
  • have been actively measured by at least 5 probes
  • have less that 10% measurement gaps for the given time period

This means that under ideal circumstances DNSMon needs to measure up to a full day in order to display data.

 

 

How are the measurements presented?

Graphs are provided to depict the measurements from three separate views:

'Probe' view:
The 'Probe' view shows a number of graphs, one to each server as seen from the Test Box that you select. You can use this view to look at DNS root and TLD service quality at one particular location . Because name servers are well-connected and geographically dispersed, this view can also be helpful as an indicator of connectivity between the Test Box location and the rest of the world.

'Server' view:
The 'Server' view shows measurements from all locations to a particular server. You can use this to assess the quality of the service provided by this particular server.

'Domain' view:
The 'Domain' view shows a number of graphs for each domain, one for the root and each monitored TLD as seen from almost all locations. You can use this view to assess the generic DNS root and TLD service quality provided to the collective pool of TTM Test Boxes.

 

What are the benefits of these measurements?

The DNS Monitoring Service provides a good assessment of the DNS root and TLD service at each TTM Test Box location. You can work out which name servers serve a particular location better than others, and what the typical delay is. You can also see what effect problems with the servers and/or the network infrastructure have on general DNS service quality.

The measurements allow you to rapidly evaluate any past or present DNS problem, and to work out if the problem is caused by poor root or TLD name service. By looking at measurements from all locations to a particular server, you can estimate the service quality of that instance. This comprehensive view lets you offset most local influences on metrics. This will give you a more complete picture than if the measurements were only from a single point on the Internet. It is possible to see if the server itself or the network infrastructure is behind poor quality service. You can also assess how 'close' any network infrastructure problems are to a given server.

 

What is not measured?

'Global' DNS root and TLD service quality
We measure from around 60 specific points. While this is much more accurate than inferring DNS quality using only measurements from a single point, it is by no means comprehensive. Our measurement locations are concentrated in the RIPE NCC Service Region. This provides a reasonably accurate view of service quality in this region with some locations outside the region for comparison.

The general quality of DNS name resolution
There are many additional factors to take into account like DNS caching, service quality of lower level DNS servers, their network connectivity and the quality of DNS implementations. For instance, due to caching only a tiny fraction of all DNS name resolutions are directly affected by the quality of DNS root service.

Effects that last less than a minute
This is the interval between queries sent from Test Boxes to name servers.

Whether the response to the query was an answer or an error
It can happen that the response to our query packet is not an answer containing the resolved name, but an failure indication other than a timeout stating the queried server was not able to resolve the query. In that case DNSMon still sees it as a response, incorporates the delay in the results and does not mark it as a drop.

Notes on IP anycasting:
The scope of our measurements is the DNS service provided at each particular Test Box location from each particular name server address. Some name server operators provide service at their address from different locations by means of IP anycasting. Our measurements do differentiate between the different instances of such a server by querying every minute for 'hostname.bind' or 'id.server'. The instance can naturally only be determined when there is a valid reply from the server. Currently, we are working on presentational aspects of this data. Watch this space for notes on progress.

 

Site Navigation

You can get around the DNSMON site by using the menu that is at the top of each page. each option will take you to a different part of the site and will also be the place to go if you need help at any time.

Screen capture of menus needed to get around DNSMON Site

If you select domains, servers or probes, you will see a second level menu appear.

Second Level Menus for the DNSMON Service


Each second level menu is specific the view that you selected. On overview pages they let you select another overview (as shown above). When you have chosen the overview that you want to see from the pull down menu, you must click on the 'show' button.

Screen Shot of Third Level DNSMON Menus

On the third level individual plot pages, you can select the time interval to plot and configure the plot (see above).

Important note regarding the interpretation of the IPv6 dnsmon data

When you interpret the IPv6 dnsmon data, please note that dnsmon does not measure the servers themselves, but the quality of the IPv6 service at the probe locations. This includes the networks between our probes and the target servers. Please also note that there are currently fewer IPv6 probes than IPv4 probes.
spacer spacer

spacer    Contact | © RIPE NCC. All rights reserved.
home lirportal ripe