General Commands Manual

NAME¶

dnsmeter - DNS performance and infrastructure testing

SYNOPSIS¶

dnsmeter [-h] [-q HOST] [-s NET|pcap] [-e ETH] [-z HOST:PORT] [-p FILE] [-l #] [-t #] [-n #] [-r #] [-d #] [-c FILE] [--ignore]

DESCRIPTION¶

DNSMeter is a tool for testing performance of nameserver and/or infrastructure around it. It generates dns queries and sends them via UDP to a target nameserver and counts the answers.

Features:
- payload can be given as text file or PCAP file
- can automatically run different load steps, which can be given as list or ranges
- results per load step can be stored in CSV file
- sender address can be spoofed from a given network or from PCAP file, if payload is a PCAP file
- answers are counted, even if source address is spoofed, if answers get routed back to the load generator
- roundtrip-times are measured (average, min, mix)
- amount of DNSSEC queries can be given as percentage of total traffic
- optimized for high amount of packets. On an Intel(R) Xeon(R) CPU E5-2430 v2 @ 2.50GHz it can generate more than 900.000 packets per second

OPTIONS¶

-h: Show option help.
-q HOST: Hostname or IP address of sender if you don't want to spoof (see -s).
-s NET|pcap: Spoof sender address. Use random IP from the given network (example: 192.168.0.0/16). Only works when running as root! If payload is a PCAP file, you can use -spcap to use the source addresses and ports from the PCAP file.
-e ETH: Interface on which the packet receiver should listen (FreeBSD only).
-z HOST:PORT: Hostname or IP address and port of the target nameserver.
-p FILE: File with queries/payload or PCAP file.
-l #: Runtime in seconds (default=10 seconds).
-t #: Timeout in seconds (default=2 seconds).
-n #: Number of worker threads (default=1).
-r #: Query rate (Default=as much as possible) can be a single value, a comma separated list (rate,rate,...) or a range and a step value (start - end, step).
-d #: Amount of queries in percent on which the DNSSEC-flags are set (default=0).
-c FILE: CSV-file for results.
--ignore: Answers are ignored and therefor not counted. In this mode the tool only generates traffic.

USAGE¶

This section contains additional usage information not covered by the options documentation.

-q HOST | -s NETWORK | -s pcap

Source IP, hostname or network from which the packets should be send. If you dont't want to spoof, use -q with a single IP address or hostname. Use -s followed by a network, if you want to spoof the source address. dnsmeter will generated random IP addresses inside this network. Example: -s 10.0.0.0/8.

If payload is a PCAP file, you can use the source addresses and ports from the PCAP file, if you use -s pcap.

-e ETH

Ignored on Linux, but on FreeBSD you have to enter the name of the network interface on which the tool should listen for the answers.

-p FILE

File with payload in text format or PCAP file. When using a text format each line must contain one query with name and record type.

Example:

www.denic.de A
denic.de NS
...

NOTE: the file should not be too big, because it is completely loaded into memory and pre-compiled to DNS query packets.

-n #

Number of worker threads, recommendation:
- less than 200000 packets per second: 1 Thread
- 200000 - 500000 packets per second: 2 Threads
- more than 500000 packets per second: 4 Threads

NOTE: this is CPU dependent! If you have a fast CPU, you may need lesser threads, on a slow CPU you may need more threads. Don't use more threads than cores available on your CPU, minus one!

-r #[,#,#]

Query rate or load steps. Can be a single value if you want to test a specific query rate, a comma separated list or a range with step with.

Examples:
- Single value: -r 100000
- a list of query rates: -r 10000,20000,30000,40000,50000,60000
- a range with step: -r 10000-200000,10000

-d #

Amount of DNSSEC queries in percentage between 0 and 100. Is ignored, if using PCAP file as payload.

-c FILENAME

Filename for results in CSV format.

NOTE: if file exists, results are appended!

EXAMPLE¶

Lets assume the following scenario:
- load generator runs on FreeBSD
- network interface an which the traffic goes out and comes back is "igb0"
- source ip on the load generator is 192.168.155.20
- target nameserver has ip 192.168.0.1, port 53
- we want to spoof the sender address from the network 10.0.0.0/8
- the payload file is found here: /home/testdata/payload.txt
- the nameserver is running on CentOS and we need to set a route back to the load generator:
ip route add 10.0.0.0/8 via 192.168.155.20
- we want to test the following load steps: 30000,40000,45000,50000,100000,150000
- results should be written to results.csv
- DNSSEC rate should be 70%

This makes the following command:

dnsmeter -p /home/testdata/payload.txt \
-r 30000,40000,45000,50000,100000,150000 \
-s 10.0.0.0/8 \
-z 192.168.0.1:53 \
-e igb0 \
-d 70 \
-c results.csv

In the second example, we want to use a PCAP file as payload and want to spoof with the addresses from that file:

dnsmeter -p /home/testdata/pcap.file1 \
-r 30000,40000,45000,50000,100000,150000 \
-s pcap \
-z 192.168.0.1:53 \
-e igb0 \
-c results_pcap.csv

AUTHOR¶

Patrick Fedick (https://github.com/pfedick)

Maintained by DNS-OARC

https://www.dns-oarc.net/

BUGS¶

For issues and feature requests please use:

https://github.com/DNS-OARC/dnsmeter/issues

For question and help please use:

admin@dns-oarc.net

1.0.2

dnsmeter

Source file:	dnsmeter.1.en.gz (from dnsmeter 1.0.2-1.13)
Source last updated:	2021-06-04T20:23:55Z
Converted to HTML:	2024-11-21T01:43:03Z