Using Atlas for Monitoring of Anycast DNS
Hello! I want to restart this old thread and ask for available tools. For our Anycast DNS cloud, I want to measure the "performance", ie the RTT from Atlas probes. 1. Create measurements (I can do that already ;-) 2. Analyze this measurements: - fetch measurement - analyze the probe locations (ie. country, continent) - create reports with average RTT from certain countries and continents This second step I have partly in old scripts using influxdb and grafana dashboard - but that was a proof of concept with bad code. So, before starting coding from the base - are there some available scripts which can do the second part? Is https://github.com/RIPE-NCC/ripe.atlas.sagan still the way to go for measurement processing or are there meanwhile some better/smarter libraries? ie something for php? Thanks Klaus Am 20.11.2014 um 16:32 schrieb Klaus Darilion:
Hi!
I want to monitor an Anycasted authoritative name server: - are all nodes responding - are all nodes in routing ...
So I thought about starting a long term DNS measurement with plenty of probes and NSID queried. Then, checking the results I should see every possible NSID if there are for more probes than Anycast-nodes.
Does anybody have done that (or similar) already and want to share code?
Can the RIPE Atlas Status Checks be used for such monitoring?
Thanks Klaus
On Thu, Jan 16, 2020 at 04:33:47PM +0100, Klaus Darilion <klaus.mailinglists@pernau.at> wrote a message of 48 lines which said:
- analyze the probe locations (ie. country, continent)
Instead of analyzing it afterwards, why not directly asking probes on the place you're interested in? I often use NSID to watch anycast servers, indeed: % blaeu-resolve --requested 100 --area West --nameserver $(dig +short +nodnssec d.nic.fr A) --type SOA --nsid --displayrtt fr Nameserver 194.0.9.1 [NSID: b'dns.th2.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 34 occurrences Average RTT 146 ms [NSID: b'dns.fra.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 3 occurrences Average RTT 100 ms [NSID: b'dns.nyc.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 35 occurrences Average RTT 56 ms [NSID: b'dns.ix1.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 4 occurrences Average RTT 116 ms [TIMEOUT] : 2 occurrences Average RTT 0 ms [NSID: b'dns.mrs.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 10 occurrences Average RTT 156 ms [NSID: b'dns.ams.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 8 occurrences Average RTT 101 ms [NSID: b'dns.lon.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 2 occurrences Average RTT 154 ms [nsmaster.nic.fr. hostmaster.nic.fr. 2225269297 3600 1800 3600000 5400] : 1 occurrences Average RTT 24 ms Test #23843409 done at 2020-01-16T15:43:10Z Note the wonders of BGP: only a minority of probes use the instance in New York City (the fastest one) :-( Note also that the last result comes from a transparent proxy, redirecting to a cache.
We make pretty extensive use of Sagan for most of our Atlas analysis. It's maybe a little less critical for our DNS measurements (as compared to say traceroutes, where interpreting things like error conditions can be convoluted), especially since, as mentioned, you can often get DNS responses to encode everything you want (i.e. NSID or hostname.bind chaos queries). -Marcel On Thu, Jan 16, 2020 at 7:45 AM Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
On Thu, Jan 16, 2020 at 04:33:47PM +0100, Klaus Darilion <klaus.mailinglists@pernau.at> wrote a message of 48 lines which said:
- analyze the probe locations (ie. country, continent)
Instead of analyzing it afterwards, why not directly asking probes on the place you're interested in?
I often use NSID to watch anycast servers, indeed:
% blaeu-resolve --requested 100 --area West --nameserver $(dig +short +nodnssec d.nic.fr A) --type SOA --nsid --displayrtt fr Nameserver 194.0.9.1 [NSID: b'dns.th2.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 34 occurrences Average RTT 146 ms [NSID: b'dns.fra.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 3 occurrences Average RTT 100 ms [NSID: b'dns.nyc.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 35 occurrences Average RTT 56 ms [NSID: b'dns.ix1.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 4 occurrences Average RTT 116 ms [TIMEOUT] : 2 occurrences Average RTT 0 ms [NSID: b'dns.mrs.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 10 occurrences Average RTT 156 ms [NSID: b'dns.ams.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 8 occurrences Average RTT 101 ms [NSID: b'dns.lon.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 2 occurrences Average RTT 154 ms [nsmaster.nic.fr. hostmaster.nic.fr. 2225269297 3600 1800 3600000 5400] : 1 occurrences Average RTT 24 ms Test #23843409 done at 2020-01-16T15:43:10Z
Note the wonders of BGP: only a minority of probes use the instance in New York City (the fastest one) :-(
Note also that the last result comes from a transparent proxy, redirecting to a cache.
-- *Marcel Flores, PhD* | Sr. Research Scientist research.verizondigitalmedia.com | AS15133 <https://www.peeringdb.com/asn/15133> e: marcel.flores@verizondigitalmedia.com 13031 W Jefferson Blvd. Building 900, Los Angeles, CA 90094
Looks like a nice tool. Thanks for the hint. Klaus Am 16.01.2020 um 16:45 schrieb Stephane Bortzmeyer:
On Thu, Jan 16, 2020 at 04:33:47PM +0100, Klaus Darilion <klaus.mailinglists@pernau.at> wrote a message of 48 lines which said:
- analyze the probe locations (ie. country, continent)
Instead of analyzing it afterwards, why not directly asking probes on the place you're interested in?
I often use NSID to watch anycast servers, indeed:
% blaeu-resolve --requested 100 --area West --nameserver $(dig +short +nodnssec d.nic.fr A) --type SOA --nsid --displayrtt fr Nameserver 194.0.9.1 [NSID: b'dns.th2.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 34 occurrences Average RTT 146 ms [NSID: b'dns.fra.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 3 occurrences Average RTT 100 ms [NSID: b'dns.nyc.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 35 occurrences Average RTT 56 ms [NSID: b'dns.ix1.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 4 occurrences Average RTT 116 ms [TIMEOUT] : 2 occurrences Average RTT 0 ms [NSID: b'dns.mrs.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 10 occurrences Average RTT 156 ms [NSID: b'dns.ams.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 8 occurrences Average RTT 101 ms [NSID: b'dns.lon.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 2 occurrences Average RTT 154 ms [nsmaster.nic.fr. hostmaster.nic.fr. 2225269297 3600 1800 3600000 5400] : 1 occurrences Average RTT 24 ms Test #23843409 done at 2020-01-16T15:43:10Z
Note the wonders of BGP: only a minority of probes use the instance in New York City (the fastest one) :-(
Note also that the last result comes from a transparent proxy, redirecting to a cache.
Klaus and other RIPE Atlas folks, One thing that I noticed is that it is almost impossible to have enough Atlas credits to do operational monitoring of an anycast DNS setup. This is because in order to have enough credits to get timely checks you need to have many times as many probes as sites to check. This is not to say that RIPE Atlas is not a helpful and useful tool, but I think it can only be an additional source of information for your main monitoring setup. Cheers, -- Shane On 17/01/2020 17.41, Klaus Darilion wrote:
Looks like a nice tool. Thanks for the hint. Klaus
Am 16.01.2020 um 16:45 schrieb Stephane Bortzmeyer:
On Thu, Jan 16, 2020 at 04:33:47PM +0100, Klaus Darilion <klaus.mailinglists@pernau.at> wrote a message of 48 lines which said:
- analyze the probe locations (ie. country, continent)
Instead of analyzing it afterwards, why not directly asking probes on the place you're interested in?
I often use NSID to watch anycast servers, indeed:
% blaeu-resolve --requested 100 --area West --nameserver $(dig +short +nodnssec d.nic.fr A) --type SOA --nsid --displayrtt fr Nameserver 194.0.9.1 [NSID: b'dns.th2.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 34 occurrences Average RTT 146 ms [NSID: b'dns.fra.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 3 occurrences Average RTT 100 ms [NSID: b'dns.nyc.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 35 occurrences Average RTT 56 ms [NSID: b'dns.ix1.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 4 occurrences Average RTT 116 ms [TIMEOUT] : 2 occurrences Average RTT 0 ms [NSID: b'dns.mrs.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 10 occurrences Average RTT 156 ms [NSID: b'dns.ams.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 8 occurrences Average RTT 101 ms [NSID: b'dns.lon.nic.fr' nsmaster.nic.fr. hostmaster.nic.fr. 2225269298 3600 1800 3600000 5400] : 2 occurrences Average RTT 154 ms [nsmaster.nic.fr. hostmaster.nic.fr. 2225269297 3600 1800 3600000 5400] : 1 occurrences Average RTT 24 ms Test #23843409 done at 2020-01-16T15:43:10Z
Note the wonders of BGP: only a minority of probes use the instance in New York City (the fastest one) :-(
Note also that the last result comes from a transparent proxy, redirecting to a cache.
participants (4)
-
Klaus Darilion -
Marcel Flores -
Shane Kerr -
Stephane Bortzmeyer