domain statistics collector tutorial
play

Domain Statistics Collector Tutorial Duane Wessels DNS-OARC - PowerPoint PPT Presentation

Nov 01, 2023 •251 likes •583 views

Domain Statistics Collector Tutorial Duane Wessels DNS-OARC Advanced ccTLD Workshop September 16, 2008 ams-cctld-advanced 0 DNS-OARC What is DSC? A system for collecting, transferring, viewing, and storing a variety of measurements

  1. Domain Statistics Collector Tutorial Duane Wessels DNS-OARC Advanced ccTLD Workshop September 16, 2008 ams-cctld-advanced 0 DNS-OARC

  2. What is DSC? ◦ A system for collecting, transferring, viewing, and storing a variety of measurements taken from DNS servers. ◦ Open source (BSD license) software that runs on BSD, Linux, and Solaris. ◦ Used by Root, TLD operators (and others) to visualize DNS traffic characteristics and share data. ◦ http://dns.measurement-factory.com/tools/dsc/ ams-cctld-advanced 1 DNS-OARC

  3. Architecture

  4. DSC Architecture Servers F−root E−root SFO2 PAO1 Nodes falken DXB1 norad MAD1 palace etc crystal Browser Presenter ams-cctld-advanced 3 DNS-OARC

  5. Collector ◦ A DSC Collector process runs on (or near) a DNS server node. ◦ Uses libpcap, just like tcpdump. ◦ Works with Ethernet taps or port mirroring if you don’t want to run it on the server itself. ◦ Can be configured to collect a number of different Datasets . ◦ Writes XML files to disk every 60 seconds for transfer to the Presenter. ams-cctld-advanced 4 DNS-OARC

  6. Data Transfer ◦ A cron job runs every minute to transfer XML files from Collector to Presenter. ◦ Can send to multiple Presenters. ◦ Usually data is pushed rather than pulled . ◦ Scripts are provided to use rsync/SSH. ◦ Can also use HTTPS and client-side X.509 certificates. ams-cctld-advanced 5 DNS-OARC

  7. Presenter ◦ A cron job processes incoming XML files (and stores the data in a format that is faster to read). ◦ Apache and a CGI script are used to view the data. ◦ CGI and XML processing can be on different machines if you use NFS. ams-cctld-advanced 6 DNS-OARC

  8. Storage ◦ XML files are removed by cron job (for example, after 3 days) ◦ Other data files remain permanently. ◦ Data files are stored in SERVER/NODE/YYYYMMDD/*.dat ◦ Estimate about 500–800 MB to store 1 year of data. ams-cctld-advanced 7 DNS-OARC

  9. Indexers and Datasets

  10. How DSC Stores Data ◦ Data is stored in 1- or 2-dimensional arrays of counters. ◦ The arrays count the number of times that the collector sees packets with certain values, parameters, or characteristics. ◦ Each array is called a Dataset. ◦ Here is a simple dataset: Qtype 1 2 5 12 15 28 38 Count 201 5 9 89 117 52 33 ◦ Note that while (in this example) we could use Qtype as the array index, that doesn’t work in general because we also want to count non-numeric things like domain names and IP addresses. ◦ Thats where Indexers come in... ams-cctld-advanced 9 DNS-OARC

  11. Indexers ◦ An Indexer turns some value in a DNS message into an array index. ◦ Sort of like the way associative arrays work in perl/awk/php/etc. ◦ Some indexers are small ⊲ For example, the single-bit Recursion Desired flag ◦ Some indexers are large ⊲ For example, the query name or client IP address Value Index www.isoc.org 0 www.icann.org 1 www.google.com 2 www.microsoft.com 3 www.yahoo.com 4 ... ...

  12. ◦ If you want to add a new Indexer, you have to write some C code. ams-cctld-advanced 10 DNS-OARC

  13. Datasets ◦ A dataset is an 1D or 2D array of counters. ◦ Defined by one or two indexers, and given a name. ◦ Some filters and other options can be applied to Datasets. ◦ In most cases there is a one-to-one mapping between a Dataset and a graph on the Presenter. Sometimes there is more than one way to display the data. ◦ Datasets are written to disk every 60 seconds as an XML file. ◦ If you want to add a new Dataset, add a line to the config- uraiton file. ams-cctld-advanced 12 DNS-OARC

  14. Dataset Examples dataset qtype dns All:null Qtype:qtype queries-only; dataset rcode_vs_replylen dns Rcode:rcode ReplyLen:msglen replies-only; dataset client_subnet2 dns Class:query_classification ClientSubnet:cip4_net quer ies-only max-cells=200; ams-cctld-advanced 13 DNS-OARC

  15. Data Transfer

  16. Getting XML from Collector to Presenter ◦ DSC doesn’t really care how the XML files get from the Collector to the Presenter. ◦ Designed for store-and-forward so that data will be queued on the collectors if presenter is unreachable. ◦ Some scripts are provided that use rsync and X509. ◦ Also a script to send data to DNS-OARC (using SSH without rsync). ◦ You could write your own, use NFS, etc. ams-cctld-advanced 15 DNS-OARC

  17. rsync/SSH ◦ Probably the best balance between security and simplicity. ◦ Create a separate SSH key for each NODE. ◦ Place the NODE’s keys in the presenter authorized keys file. ams-cctld-advanced 16 DNS-OARC

  18. X509 ◦ Perhaps more secure than SSH, but a hassle to maintain. ◦ Create X509 keys/certificates for each NODE ◦ Upload through Apache with custom CGI script. ams-cctld-advanced 17 DNS-OARC

  19. Demo

  20. Installation

  21. Installing Collector ◦ Download DSC software from workshop FTP server $ cd $ fetch ftp://193.0.24.110/pub/dsc-200808221554.tar.gz $ fetch ftp://ftp.bert/pub/dsc-200808221554.tar.gz $ tar xzf dsc-200808221554.tar.gz $ cd dsc-200808221554 $ cd collector $ make ◦ Oops, we need a Perl module... $ (cd /usr/ports/devel/p5-Proc-PID-File ; sudo make all install) $ make $ sudo make install ams-cctld-advanced 20 DNS-OARC

  22. Configuring Collector $ cd /usr/local/dsc/etc $ cp dsc.conf.sample dsc.conf $ vi dsc.conf ◦ Can leave most of the defaults as they are. ◦ Today, pay special attention to: run_dir /usr/local/dsc/run/ns1; local_address 193.0.__.__; interface em0; ◦ Create the run dir $ sudo mkdir -p /usr/local/dsc/run/ns1 ams-cctld-advanced 21 DNS-OARC

  23. dsc Test Run $ cd /usr/local/dsc $ sudo bin/dsc -f -d etc/dsc.conf $ ls -l run $ less run/*.xml ams-cctld-advanced 22 DNS-OARC

  24. Running dsc normally ◦ DSC source distribution includes a BSD-style rc script, but you have to install it manually. $ cd dsc-200808221554 $ sudo install -m 755 collector/dsc/dsc.sh \ /usr/local/etc/rc.d/dsc $ sudo /usr/local/etc/rc.d/dsc start ams-cctld-advanced 23 DNS-OARC

  25. Collector Cron Jobs ◦ upload-prep.pl moves files from dsc run dir to one or more upload directories. * * * * * /usr/local/dsc/libexec/upload-prep.pl ◦ upload-rsync.sh (or similar) copies XML files from the upload directory to the presenter system. * * * * * /usr/local/dsc/libexec/upload-rsync.sh ns1 \ noc dsc-pc1@193.0.24.110:/usr/local/dsc/data/pc1/ns1 ◦ But don’t save the crontab file yet...! ams-cctld-advanced 24 DNS-OARC

  26. How does upload-prep.pl work? ◦ upload-prep.pl moves files from dsc run dir to one or more upload directories. ◦ You must create these upload directories $ cd /usr/local/dsc/run/ns1 $ sudo mkdir upload $ sudo mkdir upload/noc $ sudo mkdir upload/presenter2 # you could have more than one ◦ XML files will stay in these upload directories until they are uploaded and removed. ◦ Can run out of disk space if not careful. ams-cctld-advanced 25 DNS-OARC

  27. How does upload-rsync.sh work? ◦ Takes three arguments: NODENAME UPDIR DESTINA- TION ◦ NODENAME is the name of this collector node and must be unique. ⊲ example: ns1 ◦ UPDIR is the name of the upload directory ⊲ example: noc ◦ DESTINATION is an rsync-style destination ⊲ example: dsc-pc1@193.0.24.110:/usr/local/dsc/data ◦ Looks for a SSH key at $HOME/.ssh/dsc uploader id ⊲ ssh-keygen -d -f $HOME/.ssh/dsc_uploader_id ◦ Send your SSH public key to the presenter when its ready and test that it works. ams-cctld-advanced 26 DNS-OARC

  28. Back to crontab ◦ Save the new cron jobs ◦ Wait 60 seconds or less ◦ Check your mailbox for cron job errors ams-cctld-advanced 27 DNS-OARC

  29. Installing Presenter

  30. Dependencies $ (cd /usr/ports/*/p5-CGI-Untaint; sudo make all install) $ (cd /usr/ports/*/p5-File-Flock; sudo make all install) $ (cd /usr/ports/*/p5-File-NFSLock; sudo make all install) $ (cd /usr/ports/*/p5-Hash-Merge; sudo make all install) $ (cd /usr/ports/*/p5-IP-Country; sudo make all install) $ (cd /usr/ports/*/p5-Math-Calc-Units; sudo make all install) $ (cd /usr/ports/*/p5-Net-DNS; sudo make all install) $ (cd /usr/ports/*/p5-Text-Template; sudo make all install) $ (cd /usr/ports/*/p5-Proc-PID-File ; sudo make all install) $ (cd /usr/ports/www/apache22; sudo make all install) $ (cd /usr/ports/math/ploticus; sudo make all install) ams-cctld-advanced 29 DNS-OARC

  31. Install $ cd dsc-200808221554/presenter $ cd perllib $ perl Makefile.PL $ make && sudo make install $ cd .. $ make && sudo make install ams-cctld-advanced 30 DNS-OARC

  32. Cron Jobs */5 * * * * exec /usr/local/dsc/libexec/refile-and-grok.sh @midnight find /usr/local/dsc/data/*/*/done \ | /usr/local/dsc/libexec/remove-xmls.pl 3 17 * * * * cd /usr/local/dsc/cache; /bin/ls -t \ | /usr/bin/tail +500 \ | /usr/bin/xargs /bin/rm ◦ refile-and-grok.sh processes the incoming XML files ◦ remove-xmls.pl ... removes old XML files ◦ Lastly, a job to keep the image cache to a finite size. ams-cctld-advanced 31 DNS-OARC

  33. The Grapher ◦ Copy or symlink the dsc-grapher.pl to Apache’s cgi-bin di- rectory ◦ Might need AddHandler cgi-script .pl Options ExecCGI Includes FollowSymlinks ◦ $ cd htdocs $ sudo ln -s /usr/local/dsc/share/html dsc ◦ dsc-grapher.cfg $ cd /usr/local/dsc/etc $ cp dsc-grapher.cfg.sample dsc-grapher.cfg $ vi dsc-grapher.cfg server TLD ns1 ns2 ... ams-cctld-advanced 32 DNS-OARC

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

START CODING A half-day tutorial on developing domain-driven apps with Apache Isis DOMAIN

START CODING A half-day tutorial on developing domain-driven apps with Apache Isis DOMAIN

STOP SCAFFOLDING START CODING A half-day tutorial on developing domain-driven apps with Apache Isis DOMAIN DRIVEN DESIGN Ubiquitous Language With a conscious effort by the team, the domain model can provide the backbone for that

108 views • 7 slides
DNS (Domain Name System) Tutorial @ IETF-70 (DNS for protocol designers) lafur Gumundsson

DNS (Domain Name System) Tutorial @ IETF-70 (DNS for protocol designers) lafur Gumundsson

DNS (Domain Name System) Tutorial @ IETF-70 (DNS for protocol designers) lafur Gumundsson OGUD consulting Peter Koch DENIC eG 2007-12-02 DNS Tutorial @ IETF-70 1 ogud@ogud.com & pk@denic.de Tutorial Overview Goal: Give

736 views • 54 slides
CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001 Spring 2013 Inter-domain Routing 2153 11537 1706 52 FRGP Level 3 ARIZONA ColoState Autonomous Systems (AS) Border Gateway Protocol

566 views • 30 slides
A tutorial in spatial statistics for microscopy data analysis Ed Cohen Department of Mathematics,

A tutorial in spatial statistics for microscopy data analysis Ed Cohen Department of Mathematics,

A tutorial in spatial statistics for microscopy data analysis Ed Cohen Department of Mathematics, Imperial College London wwwf.imperial.ac.uk/ eakc07 QBI 2019 Spatial Statistics Spatial Statistics: Statistical theory and methodology for

590 views • 30 slides
A Semi Preemptive Garbage A Semi Preemptive Garbage Collector for Solid State Collector

A Semi Preemptive Garbage A Semi Preemptive Garbage Collector for Solid State Collector

A Semi Preemptive Garbage A Semi Preemptive Garbage Collector for Solid State Collector for Solid State Collector for Solid State Collector for Solid State Drives Drives Junghee Lee, Youngjae Kim, Galen M. Shipman, Sarp Oral, Feiyi Wang,

540 views • 26 slides
Domain Adaptation and Zero-Shot Learning Llus Castrejn CSC2523 Tutorial What is this? Game:

Domain Adaptation and Zero-Shot Learning Llus Castrejn CSC2523 Tutorial What is this? Game:

Domain Adaptation and Zero-Shot Learning Llus Castrejn CSC2523 Tutorial What is this? Game: Caption the following images using one short sentence. 2 / 46 What is this? 3 / 46 What is this? 4 / 46 What is this? 5 / 46 Current computer

1.03k views • 46 slides
San Mateo County San Mateo County Treasurer- -Tax Collector Tax Collector Treasurer Lee

San Mateo County San Mateo County Treasurer- -Tax Collector Tax Collector Treasurer Lee

San Mateo County San Mateo County Treasurer- -Tax Collector Tax Collector Treasurer Lee Buffington June 21, Lee Buffington June 21, 2010 2010 Mission Statement The Treasurer-Tax Collector manages and protects the Countys financial

526 views • 13 slides
Probability and Statistics Tutorial 3: week 4 Problem 6A () >

Probability and Statistics Tutorial 3: week 4 Problem 6A () >

Probability and Statistics Tutorial 3: week 4 Problem 6A () > 1 0.2 ANSWER: Use the cumulative distribution for 1 : () 2 ~

490 views • 13 slides
Scaling Domain Driven Design Greg Young IMIS Presentation Is Is Not Discussion of DDD A

Scaling Domain Driven Design Greg Young IMIS Presentation Is Is Not Discussion of DDD A

Scaling Domain Driven Design Greg Young IMIS Presentation Is Is Not Discussion of DDD A DDD Tutorial being used in a large A Scalability Tutorial scale system Discussion of concepts that can be applied to other domains to

661 views • 27 slides
ESTABLISHING GOALS & PERFORMANCE MEASURES Jordan Kaufman, Kern County Treasurer-Tax Collector

ESTABLISHING GOALS & PERFORMANCE MEASURES Jordan Kaufman, Kern County Treasurer-Tax Collector

ESTABLISHING GOALS & PERFORMANCE MEASURES Jordan Kaufman, Kern County Treasurer-Tax Collector Shari Freidenrich, Orange County Treasurer-Tax Collector Harry Hagen, Santa Barbara County Treasurer-Tax Collector The Purpose Make the CAO

775 views • 74 slides
and recommend to those in the official statistics domain? Ja Javier vier Car arranza, ranza,

and recommend to those in the official statistics domain? Ja Javier vier Car arranza, ranza,

C2G data partnerships: What can we learn from and recommend to those in the official statistics domain? Ja Javier vier Car arranza, ranza, Fund ndaci acin n Geoce ocensos, nsos, Septiembre ptiembre 2018 18 ja javier vier.ca

253 views • 22 slides
Outline About this Tutorial An Introduction to the R Environment Basics of R Objects and

Outline About this Tutorial An Introduction to the R Environment Basics of R Objects and

About this Tutorial Basics of R Statistics with R Modelling Graphics About this Tutorial Basics of R Statistics with R Modelling Graphics Outline About this Tutorial An Introduction to the R Environment Basics of R Objects and

460 views • 17 slides
Introduction to Planning Domain Modeling in RDDL Scott Sanner Observation Planning

Introduction to Planning Domain Modeling in RDDL Scott Sanner Observation Planning

ICAPS 2018 Tutorial Introduction to Planning Domain Modeling in RDDL Scott Sanner Observation Planning languages direct 5+ years of research PDDL and variants PPDDL Why? Domain design is time-consuming So everyone

1.14k views • 55 slides
TUTORIAL HANDOUT GENOVA JUNE 11 INFORMATION GEOMETRY AND ALGEBRAIC STATISTICS ON A FINITE STATE

TUTORIAL HANDOUT GENOVA JUNE 11 INFORMATION GEOMETRY AND ALGEBRAIC STATISTICS ON A FINITE STATE

TUTORIAL HANDOUT GENOVA JUNE 11 INFORMATION GEOMETRY AND ALGEBRAIC STATISTICS ON A FINITE STATE SPACE AND ON GAUSSIAN MODELS LUIGI MALAG` O AND GIOVANNI PISTONE Contents 1. Introduction 2 1.1. C. R. Rao 2 1.2. S.-H. Amari 2 2. Finite

618 views • 26 slides
Internationalized Domain Names Tutorial ICANN Meeting So Paulo, Brazil 3 December 2006 Tina

Internationalized Domain Names Tutorial ICANN Meeting So Paulo, Brazil 3 December 2006 Tina

Internationalized Domain Names Tutorial ICANN Meeting So Paulo, Brazil 3 December 2006 Tina Dam IDN Program Director ICANN Email: tina.dam@icann.org Remote Participation Jabber room is open: IDNQUESTIONS@jabber.icann.org

380 views • 35 slides
Solar Controller Training Presentation AAV solar heated 1 hot water SOLAR COLLECTOR 3

Solar Controller Training Presentation AAV solar heated 1 hot water SOLAR COLLECTOR 3

Solar Controller Training Presentation AAV solar heated 1 hot water SOLAR COLLECTOR 3 Press Gauge 2 1. Solar Collector or panel SRV Temp Gauges 2. Cylinder or store. Fill1 Vessel connection 3. Pump Station Air Scoop

379 views • 19 slides
Tzi-cker Chiueh Ganesh Venkitachalam Prashant Pradhan Computer Science Department State

Tzi-cker Chiueh Ganesh Venkitachalam Prashant Pradhan Computer Science Department State

Integrating segmentation and paging protection for safe, efficient and transparent software extensions Tzi-cker Chiueh Ganesh Venkitachalam Prashant Pradhan Computer Science Department State University of New York Stony

694 views • 22 slides
Multi-Paradigm Programming Michael Hanus Christian-Albrechts-Universit at Kiel Extend

Multi-Paradigm Programming Michael Hanus Christian-Albrechts-Universit at Kiel Extend

ETAPS2000 Multi-Paradigm Programming Michael Hanus Christian-Albrechts-Universit at Kiel Extend functional languages with features for logic (constraint) programming object-oriented programming concurrent programming

1.47k views • 110 slides
Javascript

Javascript

Few elements on HTML, HTTP and Javascript slide 269 Principles of coupling Web/BD slide 293

718 views • 16 slides
Principles of Programming Languages

Principles of Programming Languages

Principles of Programming Languages h"p://www.di.unipi.it/~andrea/Dida2ca/PLP-15/ Prof. Andrea Corradini Department of Computer Science, Pisa Lesson 30 Scrip:ng languages

476 views • 31 slides
Migration of LArSoft repos to GitHub Patrick Gartung LArSoft Coordination Meeting 10 Sept 2019

Migration of LArSoft repos to GitHub Patrick Gartung LArSoft Coordination Meeting 10 Sept 2019

Migration of LArSoft repos to GitHub Patrick Gartung LArSoft Coordination Meeting 10 Sept 2019 Motivation Move repos to Github for easier collaboration Move to the Github development model (see next slide) Take advantage of the

556 views • 11 slides
Adaptive Systems for E-Learning Peter Brusilovsky School of Information Sciences University of

Adaptive Systems for E-Learning Peter Brusilovsky School of Information Sciences University of

Adaptive Systems for E-Learning Peter Brusilovsky School of Information Sciences University of Pittsburgh, USA peterb@sis.pitt.edu http://www2.sis.pitt.edu/~peterb Overview The Context Technologies ITS technologies AH

752 views • 50 slides
NEBC Database Course 2008 Introduction to Writing Database Interfaces Hanny Kwesi Nuhu

NEBC Database Course 2008 Introduction to Writing Database Interfaces Hanny Kwesi Nuhu

NEBC Database Course 2008 Introduction to Writing Database Interfaces Hanny Kwesi Nuhu (haes@ceh.ac.uk) NERC Environmental Bioinformatics Centre Contents of the talk Why database interfaces? Perl DBI an introduction to Perl Database

711 views • 28 slides
COMP331/557: Optimisation Introduction to Gurobi 1 Outline Gurobi 1 Gurobi Python Interface

COMP331/557: Optimisation Introduction to Gurobi 1 Outline Gurobi 1 Gurobi Python Interface

COMP331/557: Optimisation Introduction to Gurobi 1 Outline Gurobi 1 Gurobi Python Interface 2 Solving a model in Gurobi 3 Building a Model from Scratch 4 Solving a Model in a Python script 5 1 What is Gurobi? State-of-the-art

263 views • 9 slides

More recommend