2000-12-01 23:49:59 +00:00
|
|
|
/*
|
2018-02-23 09:53:12 +01:00
|
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
2000-12-01 23:49:59 +00:00
|
|
|
*
|
2016-06-27 14:56:38 +10:00
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
2018-02-23 09:53:12 +01:00
|
|
|
*
|
|
|
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
|
|
|
* information regarding copyright ownership.
|
2000-12-01 23:49:59 +00:00
|
|
|
*/
|
|
|
|
|
|
2005-04-27 04:57:32 +00:00
|
|
|
/*! \file */
|
2000-12-01 23:49:59 +00:00
|
|
|
|
2018-03-28 14:19:37 +02:00
|
|
|
#include <inttypes.h>
|
2018-04-17 08:29:14 -07:00
|
|
|
#include <stdbool.h>
|
2018-03-28 14:19:37 +02:00
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
#include <isc/magic.h>
|
2000-12-01 23:49:59 +00:00
|
|
|
#include <isc/mem.h>
|
2019-05-17 13:35:51 +02:00
|
|
|
#include <isc/refcount.h>
|
2009-01-27 22:30:00 +00:00
|
|
|
#include <isc/stats.h>
|
2008-01-24 02:00:44 +00:00
|
|
|
#include <isc/util.h>
|
2000-12-01 23:49:59 +00:00
|
|
|
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
#include <dns/log.h>
|
2008-04-03 05:55:52 +00:00
|
|
|
#include <dns/opcode.h>
|
|
|
|
|
#include <dns/rdatatype.h>
|
2000-12-01 23:49:59 +00:00
|
|
|
#include <dns/stats.h>
|
|
|
|
|
|
2020-02-13 14:44:37 -08:00
|
|
|
#define DNS_STATS_MAGIC ISC_MAGIC('D', 's', 't', 't')
|
2020-02-12 13:59:18 +01:00
|
|
|
#define DNS_STATS_VALID(x) ISC_MAGIC_VALID(x, DNS_STATS_MAGIC)
|
2008-04-03 05:55:52 +00:00
|
|
|
|
|
|
|
|
/*%
|
|
|
|
|
* Statistics types.
|
|
|
|
|
*/
|
|
|
|
|
typedef enum {
|
|
|
|
|
dns_statstype_general = 0,
|
|
|
|
|
dns_statstype_rdtype = 1,
|
|
|
|
|
dns_statstype_rdataset = 2,
|
2016-06-23 08:44:54 +10:00
|
|
|
dns_statstype_opcode = 3,
|
2019-06-19 16:02:50 +02:00
|
|
|
dns_statstype_rcode = 4,
|
|
|
|
|
dns_statstype_dnssec = 5
|
2008-04-03 05:55:52 +00:00
|
|
|
} dns_statstype_t;
|
|
|
|
|
|
|
|
|
|
/*%
|
|
|
|
|
* It doesn't make sense to have 2^16 counters for all possible types since
|
2020-01-17 08:41:06 +01:00
|
|
|
* most of them won't be used. We have counters for the first 256 types.
|
|
|
|
|
*
|
|
|
|
|
* A rdtypecounter is now 8 bits for RRtypes and 3 bits for flags:
|
|
|
|
|
*
|
|
|
|
|
* 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
|
|
|
|
|
* +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|
|
|
|
|
* | | | | | | S |NX| RRType |
|
|
|
|
|
* +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|
|
|
|
|
*
|
|
|
|
|
* If the 8 bits for RRtype are all zero, this is an Other RRtype.
|
2008-04-03 05:55:52 +00:00
|
|
|
*/
|
2020-02-12 13:59:18 +01:00
|
|
|
#define RDTYPECOUNTER_MAXTYPE 0x00ff
|
2020-01-17 08:41:06 +01:00
|
|
|
|
2012-06-08 16:32:44 +10:00
|
|
|
/*
|
2020-01-17 08:41:06 +01:00
|
|
|
*
|
|
|
|
|
* Bit 7 is the NXRRSET (NX) flag and indicates whether this is a
|
|
|
|
|
* positive (0) or a negative (1) RRset.
|
2012-06-08 16:32:44 +10:00
|
|
|
*/
|
2020-02-12 13:59:18 +01:00
|
|
|
#define RDTYPECOUNTER_NXRRSET 0x0100
|
2020-01-17 08:41:06 +01:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Then bit 5 and 6 mostly tell you if this counter is for an active,
|
|
|
|
|
* stale, or ancient RRtype:
|
|
|
|
|
*
|
|
|
|
|
* S = 0 (0b00) means Active
|
|
|
|
|
* S = 1 (0b01) means Stale
|
|
|
|
|
* S = 2 (0b10) means Ancient
|
|
|
|
|
*
|
|
|
|
|
* Since a counter cannot be stale and ancient at the same time, we
|
|
|
|
|
* treat S = 0x11 as a special case to deal with NXDOMAIN counters.
|
|
|
|
|
*/
|
2020-02-13 14:44:37 -08:00
|
|
|
#define RDTYPECOUNTER_STALE (1 << 9)
|
|
|
|
|
#define RDTYPECOUNTER_ANCIENT (1 << 10)
|
2020-01-17 08:41:06 +01:00
|
|
|
#define RDTYPECOUNTER_NXDOMAIN ((1 << 9) | (1 << 10))
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* S = 0x11 indicates an NXDOMAIN counter and in this case the RRtype
|
|
|
|
|
* field signals the expiry of this cached item:
|
|
|
|
|
*
|
|
|
|
|
* RRType = 0 (0b00) means Active
|
|
|
|
|
* RRType = 1 (0b01) means Stale
|
|
|
|
|
* RRType = 2 (0b02) means Ancient
|
|
|
|
|
*
|
|
|
|
|
*/
|
2020-02-13 14:44:37 -08:00
|
|
|
#define RDTYPECOUNTER_NXDOMAIN_STALE 1
|
2020-01-17 08:41:06 +01:00
|
|
|
#define RDTYPECOUNTER_NXDOMAIN_ANCIENT 2
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The maximum value for rdtypecounter is for an ancient NXDOMAIN.
|
|
|
|
|
*/
|
2020-02-12 13:59:18 +01:00
|
|
|
#define RDTYPECOUNTER_MAXVAL 0x0602
|
2000-12-01 23:49:59 +00:00
|
|
|
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
/*
|
|
|
|
|
* DNSSEC sign statistics.
|
|
|
|
|
*
|
|
|
|
|
* Per key we maintain 3 counters. The first is actually no counter but
|
|
|
|
|
* a key id reference. The second is the number of signatures the key created.
|
|
|
|
|
* The third is the number of signatures refreshed by the key.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* Maximum number of keys to keep track of for DNSSEC signing statistics. */
|
2020-04-03 08:14:22 +02:00
|
|
|
static int dnssecsign_max_keys = 4;
|
|
|
|
|
static int dnssecsign_block_size = 3;
|
2020-04-02 11:59:35 +02:00
|
|
|
/* Key id mask */
|
|
|
|
|
#define DNSSECSIGNSTATS_KEY_ID_MASK 0x0000FFFF
|
2019-08-07 15:11:57 +02:00
|
|
|
|
2008-01-24 02:00:44 +00:00
|
|
|
struct dns_stats {
|
2020-02-13 14:44:37 -08:00
|
|
|
unsigned int magic;
|
2020-02-12 13:59:18 +01:00
|
|
|
dns_statstype_t type;
|
2020-02-13 14:44:37 -08:00
|
|
|
isc_mem_t *mctx;
|
|
|
|
|
isc_stats_t *counters;
|
|
|
|
|
isc_refcount_t references;
|
2009-01-27 22:30:00 +00:00
|
|
|
};
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
typedef struct rdatadumparg {
|
2020-02-12 13:59:18 +01:00
|
|
|
dns_rdatatypestats_dumper_t fn;
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg;
|
2009-01-27 22:30:00 +00:00
|
|
|
} rdatadumparg_t;
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
typedef struct opcodedumparg {
|
2020-02-12 13:59:18 +01:00
|
|
|
dns_opcodestats_dumper_t fn;
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg;
|
2009-01-27 22:30:00 +00:00
|
|
|
} opcodedumparg_t;
|
2008-01-24 02:00:44 +00:00
|
|
|
|
2016-06-23 08:44:54 +10:00
|
|
|
typedef struct rcodedumparg {
|
2020-02-12 13:59:18 +01:00
|
|
|
dns_rcodestats_dumper_t fn;
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg;
|
2016-06-23 08:44:54 +10:00
|
|
|
} rcodedumparg_t;
|
2019-06-19 16:02:50 +02:00
|
|
|
typedef struct dnssecsigndumparg {
|
2020-02-12 13:59:18 +01:00
|
|
|
dns_dnssecsignstats_dumper_t fn;
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg;
|
2019-06-19 16:02:50 +02:00
|
|
|
} dnssecsigndumparg_t;
|
2016-06-23 08:44:54 +10:00
|
|
|
|
2008-01-24 02:00:44 +00:00
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_stats_attach(dns_stats_t *stats, dns_stats_t **statsp) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats));
|
|
|
|
|
REQUIRE(statsp != NULL && *statsp == NULL);
|
|
|
|
|
|
2019-05-17 13:35:51 +02:00
|
|
|
isc_refcount_increment(&stats->references);
|
2008-04-03 05:55:52 +00:00
|
|
|
|
|
|
|
|
*statsp = stats;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_stats_detach(dns_stats_t **statsp) {
|
2008-01-24 02:00:44 +00:00
|
|
|
dns_stats_t *stats;
|
|
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(statsp != NULL && DNS_STATS_VALID(*statsp));
|
2008-01-24 02:00:44 +00:00
|
|
|
|
|
|
|
|
stats = *statsp;
|
2008-04-03 05:55:52 +00:00
|
|
|
*statsp = NULL;
|
2008-01-24 02:00:44 +00:00
|
|
|
|
2019-05-17 13:35:51 +02:00
|
|
|
if (isc_refcount_decrement(&stats->references) == 1) {
|
2019-07-23 08:27:30 -04:00
|
|
|
isc_refcount_destroy(&stats->references);
|
2009-01-27 22:30:00 +00:00
|
|
|
isc_stats_detach(&stats->counters);
|
2008-04-03 05:55:52 +00:00
|
|
|
isc_mem_putanddetach(&stats->mctx, stats, sizeof(*stats));
|
|
|
|
|
}
|
2008-01-24 02:00:44 +00:00
|
|
|
}
|
|
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
/*%
|
|
|
|
|
* Create methods
|
|
|
|
|
*/
|
|
|
|
|
static isc_result_t
|
2012-06-08 16:32:44 +10:00
|
|
|
create_stats(isc_mem_t *mctx, dns_statstype_t type, int ncounters,
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_stats_t **statsp) {
|
2009-01-27 22:30:00 +00:00
|
|
|
dns_stats_t *stats;
|
|
|
|
|
isc_result_t result;
|
2008-01-24 02:00:44 +00:00
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
stats = isc_mem_get(mctx, sizeof(*stats));
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
stats->counters = NULL;
|
2019-05-17 13:35:51 +02:00
|
|
|
isc_refcount_init(&stats->references, 1);
|
2009-01-27 22:30:00 +00:00
|
|
|
|
|
|
|
|
result = isc_stats_create(mctx, &stats->counters, ncounters);
|
2020-02-13 21:48:23 +01:00
|
|
|
if (result != ISC_R_SUCCESS) {
|
2009-01-27 22:30:00 +00:00
|
|
|
goto clean_mutex;
|
2020-02-13 21:48:23 +01:00
|
|
|
}
|
2009-01-27 22:30:00 +00:00
|
|
|
|
|
|
|
|
stats->magic = DNS_STATS_MAGIC;
|
|
|
|
|
stats->type = type;
|
|
|
|
|
stats->mctx = NULL;
|
|
|
|
|
isc_mem_attach(mctx, &stats->mctx);
|
|
|
|
|
*statsp = stats;
|
|
|
|
|
|
|
|
|
|
return (ISC_R_SUCCESS);
|
|
|
|
|
|
2020-02-12 13:59:18 +01:00
|
|
|
clean_mutex:
|
2009-01-27 22:30:00 +00:00
|
|
|
isc_mem_put(mctx, stats, sizeof(*stats));
|
|
|
|
|
|
|
|
|
|
return (result);
|
2008-01-24 02:00:44 +00:00
|
|
|
}
|
|
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
isc_result_t
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_generalstats_create(isc_mem_t *mctx, dns_stats_t **statsp, int ncounters) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(statsp != NULL && *statsp == NULL);
|
|
|
|
|
|
|
|
|
|
return (create_stats(mctx, dns_statstype_general, ncounters, statsp));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
isc_result_t
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rdatatypestats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(statsp != NULL && *statsp == NULL);
|
|
|
|
|
|
2020-01-17 08:41:06 +01:00
|
|
|
/*
|
|
|
|
|
* Create rdtype statistics for the first 255 RRtypes,
|
|
|
|
|
* plus one additional for other RRtypes.
|
|
|
|
|
*/
|
|
|
|
|
return (create_stats(mctx, dns_statstype_rdtype,
|
2020-02-12 13:59:18 +01:00
|
|
|
(RDTYPECOUNTER_MAXTYPE + 1), statsp));
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
isc_result_t
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rdatasetstats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(statsp != NULL && *statsp == NULL);
|
|
|
|
|
|
|
|
|
|
return (create_stats(mctx, dns_statstype_rdataset,
|
2020-02-12 13:59:18 +01:00
|
|
|
(RDTYPECOUNTER_MAXVAL + 1), statsp));
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
isc_result_t
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_opcodestats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(statsp != NULL && *statsp == NULL);
|
|
|
|
|
|
|
|
|
|
return (create_stats(mctx, dns_statstype_opcode, 16, statsp));
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-23 08:44:54 +10:00
|
|
|
isc_result_t
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rcodestats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
|
2016-06-23 08:44:54 +10:00
|
|
|
REQUIRE(statsp != NULL && *statsp == NULL);
|
|
|
|
|
|
2020-02-12 13:59:18 +01:00
|
|
|
return (create_stats(mctx, dns_statstype_rcode, dns_rcode_badcookie + 1,
|
|
|
|
|
statsp));
|
2016-06-23 08:44:54 +10:00
|
|
|
}
|
|
|
|
|
|
2019-06-19 16:02:50 +02:00
|
|
|
isc_result_t
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_dnssecsignstats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
|
2019-06-19 16:02:50 +02:00
|
|
|
REQUIRE(statsp != NULL && *statsp == NULL);
|
|
|
|
|
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
/*
|
|
|
|
|
* Create two counters per key, one is the key id, the other two are
|
|
|
|
|
* the actual counters for creating and refreshing signatures.
|
|
|
|
|
*/
|
2020-04-03 08:14:22 +02:00
|
|
|
return (create_stats(mctx, dns_statstype_dnssec,
|
|
|
|
|
dnssecsign_max_keys * 3, statsp));
|
2019-06-19 16:02:50 +02:00
|
|
|
}
|
|
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
/*%
|
|
|
|
|
* Increment/Decrement methods
|
|
|
|
|
*/
|
|
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_generalstats_increment(dns_stats_t *stats, isc_statscounter_t counter) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_general);
|
|
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
isc_stats_increment(stats->counters, counter);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
2020-02-12 13:59:18 +01:00
|
|
|
inline static isc_statscounter_t
|
2020-02-13 14:44:37 -08:00
|
|
|
rdatatype2counter(dns_rdatatype_t type) {
|
2020-01-17 08:41:06 +01:00
|
|
|
if (type > (dns_rdatatype_t)RDTYPECOUNTER_MAXTYPE) {
|
2020-02-13 21:48:23 +01:00
|
|
|
return (0);
|
2020-01-17 08:41:06 +01:00
|
|
|
}
|
2020-02-13 21:48:23 +01:00
|
|
|
return ((isc_statscounter_t)type);
|
2020-01-17 08:41:06 +01:00
|
|
|
}
|
|
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rdatatypestats_increment(dns_stats_t *stats, dns_rdatatype_t type) {
|
2020-01-17 08:41:06 +01:00
|
|
|
isc_statscounter_t counter;
|
2008-04-03 05:55:52 +00:00
|
|
|
|
|
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_rdtype);
|
|
|
|
|
|
2020-01-17 08:41:06 +01:00
|
|
|
counter = rdatatype2counter(type);
|
|
|
|
|
isc_stats_increment(stats->counters, counter);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void
|
|
|
|
|
update_rdatasetstats(dns_stats_t *stats, dns_rdatastatstype_t rrsettype,
|
2020-02-13 14:44:37 -08:00
|
|
|
bool increment) {
|
2020-01-17 08:41:06 +01:00
|
|
|
isc_statscounter_t counter;
|
2008-04-03 05:55:52 +00:00
|
|
|
|
|
|
|
|
if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) &
|
2020-02-13 14:44:37 -08:00
|
|
|
DNS_RDATASTATSTYPE_ATTR_NXDOMAIN) != 0)
|
|
|
|
|
{
|
2020-01-17 08:41:06 +01:00
|
|
|
counter = RDTYPECOUNTER_NXDOMAIN;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This is an NXDOMAIN counter, save the expiry value
|
|
|
|
|
* (active, stale, or ancient) value in the RRtype part.
|
|
|
|
|
*/
|
|
|
|
|
if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) &
|
|
|
|
|
DNS_RDATASTATSTYPE_ATTR_ANCIENT) != 0) {
|
|
|
|
|
counter |= RDTYPECOUNTER_NXDOMAIN_ANCIENT;
|
2020-02-12 13:59:18 +01:00
|
|
|
} else if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) &
|
2020-02-13 14:44:37 -08:00
|
|
|
DNS_RDATASTATSTYPE_ATTR_STALE) != 0)
|
|
|
|
|
{
|
2020-01-17 08:41:06 +01:00
|
|
|
counter += RDTYPECOUNTER_NXDOMAIN_STALE;
|
|
|
|
|
}
|
2008-04-03 05:55:52 +00:00
|
|
|
} else {
|
2020-01-17 08:41:06 +01:00
|
|
|
counter = rdatatype2counter(DNS_RDATASTATSTYPE_BASE(rrsettype));
|
2008-04-03 05:55:52 +00:00
|
|
|
|
|
|
|
|
if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) &
|
2020-01-17 08:41:06 +01:00
|
|
|
DNS_RDATASTATSTYPE_ATTR_NXRRSET) != 0) {
|
|
|
|
|
counter |= RDTYPECOUNTER_NXRRSET;
|
|
|
|
|
}
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2020-01-17 08:41:06 +01:00
|
|
|
if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) &
|
|
|
|
|
DNS_RDATASTATSTYPE_ATTR_ANCIENT) != 0) {
|
|
|
|
|
counter |= RDTYPECOUNTER_ANCIENT;
|
2020-02-12 13:59:18 +01:00
|
|
|
} else if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) &
|
2020-02-13 14:44:37 -08:00
|
|
|
DNS_RDATASTATSTYPE_ATTR_STALE) != 0)
|
|
|
|
|
{
|
2020-01-17 08:41:06 +01:00
|
|
|
counter |= RDTYPECOUNTER_STALE;
|
|
|
|
|
}
|
2019-08-07 13:24:25 +02:00
|
|
|
}
|
|
|
|
|
|
2012-06-08 16:32:44 +10:00
|
|
|
if (increment) {
|
2009-01-27 22:30:00 +00:00
|
|
|
isc_stats_increment(stats->counters, counter);
|
2012-06-08 16:32:44 +10:00
|
|
|
} else {
|
2009-01-27 22:30:00 +00:00
|
|
|
isc_stats_decrement(stats->counters, counter);
|
2012-06-08 16:32:44 +10:00
|
|
|
}
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rdatasetstats_increment(dns_stats_t *stats,
|
|
|
|
|
dns_rdatastatstype_t rrsettype) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) &&
|
|
|
|
|
stats->type == dns_statstype_rdataset);
|
|
|
|
|
|
2018-04-17 08:29:14 -07:00
|
|
|
update_rdatasetstats(stats, rrsettype, true);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rdatasetstats_decrement(dns_stats_t *stats,
|
|
|
|
|
dns_rdatastatstype_t rrsettype) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) &&
|
|
|
|
|
stats->type == dns_statstype_rdataset);
|
|
|
|
|
|
2018-04-17 08:29:14 -07:00
|
|
|
update_rdatasetstats(stats, rrsettype, false);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
2012-06-08 16:32:44 +10:00
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_opcodestats_increment(dns_stats_t *stats, dns_opcode_t code) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_opcode);
|
|
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
isc_stats_increment(stats->counters, (isc_statscounter_t)code);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
2016-06-23 08:44:54 +10:00
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rcodestats_increment(dns_stats_t *stats, dns_rcode_t code) {
|
2016-06-23 08:44:54 +10:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_rcode);
|
|
|
|
|
|
2020-02-13 21:48:23 +01:00
|
|
|
if (code <= dns_rcode_badcookie) {
|
2016-06-23 08:44:54 +10:00
|
|
|
isc_stats_increment(stats->counters, (isc_statscounter_t)code);
|
2020-02-13 21:48:23 +01:00
|
|
|
}
|
2016-06-23 08:44:54 +10:00
|
|
|
}
|
|
|
|
|
|
2019-06-19 16:02:50 +02:00
|
|
|
void
|
2020-04-02 11:59:35 +02:00
|
|
|
dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
|
2020-04-02 16:12:10 +02:00
|
|
|
dnssecsignstats_type_t operation) {
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
uint32_t kval;
|
|
|
|
|
|
2019-06-19 16:02:50 +02:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_dnssec);
|
|
|
|
|
|
2020-04-02 11:59:35 +02:00
|
|
|
/* Shift algorithm in front of key tag, which is 16 bits */
|
|
|
|
|
kval = (uint32_t)(alg << 16 | id);
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
|
|
|
|
|
/* Look up correct counter. */
|
2020-04-03 08:14:22 +02:00
|
|
|
for (int i = 0; i < dnssecsign_max_keys; i++) {
|
|
|
|
|
int idx = i * dnssecsign_block_size;
|
2020-04-02 10:50:16 +02:00
|
|
|
uint32_t counter = isc_stats_get_counter(stats->counters, idx);
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
if (counter == kval) {
|
|
|
|
|
/* Match */
|
2020-04-02 10:50:16 +02:00
|
|
|
isc_stats_increment(stats->counters, (idx + operation));
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* No match found. Store key in unused slot. */
|
2020-04-03 08:14:22 +02:00
|
|
|
for (int i = 0; i < dnssecsign_max_keys; i++) {
|
|
|
|
|
int idx = i * dnssecsign_block_size;
|
2020-04-02 10:50:16 +02:00
|
|
|
uint32_t counter = isc_stats_get_counter(stats->counters, idx);
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
if (counter == 0) {
|
2020-04-02 10:50:16 +02:00
|
|
|
isc_stats_set(stats->counters, kval, idx);
|
|
|
|
|
isc_stats_increment(stats->counters, (idx + operation));
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* No room, rotate keys. */
|
2020-04-03 08:14:22 +02:00
|
|
|
for (int i = 1; i < dnssecsign_max_keys; i++) {
|
|
|
|
|
int gidx = i * dnssecsign_block_size; /* Get key (get index,
|
|
|
|
|
gidx) */
|
2020-04-02 10:50:16 +02:00
|
|
|
uint32_t keyv = isc_stats_get_counter(stats->counters, gidx);
|
2020-04-02 16:12:10 +02:00
|
|
|
uint32_t sign = isc_stats_get_counter(
|
|
|
|
|
stats->counters, (gidx + dns_dnssecsignstats_sign));
|
|
|
|
|
uint32_t refr = isc_stats_get_counter(
|
|
|
|
|
stats->counters, (gidx + dns_dnssecsignstats_refresh));
|
2020-04-02 10:50:16 +02:00
|
|
|
|
2020-04-03 08:14:22 +02:00
|
|
|
int sidx = (i - 1) * dnssecsign_block_size; /* Set key, (set
|
|
|
|
|
index, sidx) */
|
2020-04-02 10:50:16 +02:00
|
|
|
isc_stats_set(stats->counters, keyv, sidx);
|
2020-04-02 16:12:10 +02:00
|
|
|
isc_stats_set(stats->counters, sign,
|
|
|
|
|
(sidx + dns_dnssecsignstats_sign));
|
|
|
|
|
isc_stats_set(stats->counters, refr,
|
|
|
|
|
(sidx + dns_dnssecsignstats_refresh));
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
}
|
|
|
|
|
|
2020-04-02 10:50:16 +02:00
|
|
|
/* Reset counters for new key (new index, nidx). */
|
2020-04-03 08:14:22 +02:00
|
|
|
int nidx = (dnssecsign_max_keys - 1) * dnssecsign_block_size;
|
2020-04-02 10:50:16 +02:00
|
|
|
isc_stats_set(stats->counters, kval, nidx);
|
2020-04-02 16:12:10 +02:00
|
|
|
isc_stats_set(stats->counters, 0, (nidx + dns_dnssecsignstats_sign));
|
|
|
|
|
isc_stats_set(stats->counters, 0, (nidx + dns_dnssecsignstats_refresh));
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
|
|
|
|
|
/* And increment the counter for the given operation. */
|
2020-04-02 10:50:16 +02:00
|
|
|
isc_stats_increment(stats->counters, (nidx + operation));
|
2019-06-19 16:02:50 +02:00
|
|
|
}
|
|
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
/*%
|
|
|
|
|
* Dump methods
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
dns_generalstats_dump(dns_stats_t *stats, dns_generalstats_dumper_t dump_fn,
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg, unsigned int options) {
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_general);
|
|
|
|
|
|
2020-02-12 13:59:18 +01:00
|
|
|
isc_stats_dump(stats->counters, (isc_stats_dumper_t)dump_fn, arg,
|
|
|
|
|
options);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2018-03-28 14:19:37 +02:00
|
|
|
dump_rdentry(int rdcounter, uint64_t value, dns_rdatastatstype_t attributes,
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_rdatatypestats_dumper_t dump_fn, void *arg) {
|
|
|
|
|
dns_rdatatype_t rdtype = dns_rdatatype_none; /* sentinel */
|
2008-04-03 05:55:52 +00:00
|
|
|
dns_rdatastatstype_t type;
|
|
|
|
|
|
2020-01-17 08:41:06 +01:00
|
|
|
if ((rdcounter & RDTYPECOUNTER_MAXTYPE) == 0) {
|
2008-04-03 05:55:52 +00:00
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_OTHERTYPE;
|
2020-01-17 08:41:06 +01:00
|
|
|
} else {
|
|
|
|
|
rdtype = (dns_rdatatype_t)(rdcounter & RDTYPECOUNTER_MAXTYPE);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
type = DNS_RDATASTATSTYPE_VALUE((dns_rdatastatstype_t)rdtype,
|
|
|
|
|
attributes);
|
2009-01-27 22:30:00 +00:00
|
|
|
dump_fn(type, value, arg);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2020-02-13 14:44:37 -08:00
|
|
|
rdatatype_dumpcb(isc_statscounter_t counter, uint64_t value, void *arg) {
|
2009-01-27 22:30:00 +00:00
|
|
|
rdatadumparg_t *rdatadumparg = arg;
|
|
|
|
|
|
|
|
|
|
dump_rdentry(counter, value, 0, rdatadumparg->fn, rdatadumparg->arg);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
dns_rdatatypestats_dump(dns_stats_t *stats, dns_rdatatypestats_dumper_t dump_fn,
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg0, unsigned int options) {
|
2009-01-27 22:30:00 +00:00
|
|
|
rdatadumparg_t arg;
|
2008-04-03 05:55:52 +00:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_rdtype);
|
|
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
arg.fn = dump_fn;
|
|
|
|
|
arg.arg = arg0;
|
|
|
|
|
isc_stats_dump(stats->counters, rdatatype_dumpcb, &arg, options);
|
|
|
|
|
}
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
static void
|
2020-02-13 14:44:37 -08:00
|
|
|
rdataset_dumpcb(isc_statscounter_t counter, uint64_t value, void *arg) {
|
2009-01-27 22:30:00 +00:00
|
|
|
rdatadumparg_t *rdatadumparg = arg;
|
2020-02-13 14:44:37 -08:00
|
|
|
unsigned int attributes = 0;
|
2020-01-17 08:41:06 +01:00
|
|
|
|
|
|
|
|
if ((counter & RDTYPECOUNTER_NXDOMAIN) == RDTYPECOUNTER_NXDOMAIN) {
|
|
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_NXDOMAIN;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* This is an NXDOMAIN counter, check the RRtype part for the
|
|
|
|
|
* expiry value (active, stale, or ancient).
|
|
|
|
|
*/
|
|
|
|
|
if ((counter & RDTYPECOUNTER_MAXTYPE) ==
|
|
|
|
|
RDTYPECOUNTER_NXDOMAIN_STALE) {
|
|
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_STALE;
|
|
|
|
|
} else if ((counter & RDTYPECOUNTER_MAXTYPE) ==
|
2020-02-12 13:59:18 +01:00
|
|
|
RDTYPECOUNTER_NXDOMAIN_ANCIENT) {
|
2020-01-17 08:41:06 +01:00
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_ANCIENT;
|
|
|
|
|
}
|
2019-08-07 13:24:25 +02:00
|
|
|
} else {
|
2020-01-17 08:41:06 +01:00
|
|
|
if ((counter & RDTYPECOUNTER_MAXTYPE) == 0) {
|
|
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_OTHERTYPE;
|
|
|
|
|
}
|
|
|
|
|
if ((counter & RDTYPECOUNTER_NXRRSET) != 0) {
|
|
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_NXRRSET;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((counter & RDTYPECOUNTER_STALE) != 0) {
|
|
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_STALE;
|
|
|
|
|
} else if ((counter & RDTYPECOUNTER_ANCIENT) != 0) {
|
|
|
|
|
attributes |= DNS_RDATASTATSTYPE_ATTR_ANCIENT;
|
|
|
|
|
}
|
2019-08-07 13:24:25 +02:00
|
|
|
}
|
|
|
|
|
|
2020-01-17 08:41:06 +01:00
|
|
|
dump_rdentry(counter, value, attributes, rdatadumparg->fn,
|
2019-08-07 13:24:25 +02:00
|
|
|
rdatadumparg->arg);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
dns_rdatasetstats_dump(dns_stats_t *stats, dns_rdatatypestats_dumper_t dump_fn,
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg0, unsigned int options) {
|
2009-01-27 22:30:00 +00:00
|
|
|
rdatadumparg_t arg;
|
2008-04-03 05:55:52 +00:00
|
|
|
|
|
|
|
|
REQUIRE(DNS_STATS_VALID(stats) &&
|
|
|
|
|
stats->type == dns_statstype_rdataset);
|
|
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
arg.fn = dump_fn;
|
|
|
|
|
arg.arg = arg0;
|
|
|
|
|
isc_stats_dump(stats->counters, rdataset_dumpcb, &arg, options);
|
|
|
|
|
}
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2019-06-19 16:02:50 +02:00
|
|
|
static void
|
2020-02-13 14:44:37 -08:00
|
|
|
dnssec_dumpcb(isc_statscounter_t counter, uint64_t value, void *arg) {
|
2019-06-19 16:02:50 +02:00
|
|
|
dnssecsigndumparg_t *dnssecarg = arg;
|
|
|
|
|
|
|
|
|
|
dnssecarg->fn((dns_keytag_t)counter, value, dnssecarg->arg);
|
|
|
|
|
}
|
|
|
|
|
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
static void
|
2020-04-02 16:12:10 +02:00
|
|
|
dnssec_statsdump(isc_stats_t *stats, dnssecsignstats_type_t operation,
|
|
|
|
|
isc_stats_dumper_t dump_fn, void *arg, unsigned int options) {
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
int i;
|
|
|
|
|
|
2020-04-03 08:14:22 +02:00
|
|
|
for (i = 0; i < dnssecsign_max_keys; i++) {
|
|
|
|
|
int idx = dnssecsign_block_size * i;
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
uint32_t kval, val;
|
|
|
|
|
dns_keytag_t id;
|
|
|
|
|
|
2020-04-02 10:50:16 +02:00
|
|
|
kval = isc_stats_get_counter(stats, idx);
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
if (kval == 0) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-02 10:50:16 +02:00
|
|
|
val = isc_stats_get_counter(stats, (idx + operation));
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
if ((options & ISC_STATSDUMP_VERBOSE) == 0 && val == 0) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-02 11:59:35 +02:00
|
|
|
id = (dns_keytag_t)kval & DNSSECSIGNSTATS_KEY_ID_MASK;
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
|
|
|
|
|
dump_fn((isc_statscounter_t)id, val, arg);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-19 16:02:50 +02:00
|
|
|
void
|
2020-04-02 16:12:10 +02:00
|
|
|
dns_dnssecsignstats_dump(dns_stats_t *stats, dnssecsignstats_type_t operation,
|
2020-02-12 13:59:18 +01:00
|
|
|
dns_dnssecsignstats_dumper_t dump_fn, void *arg0,
|
2020-02-13 14:44:37 -08:00
|
|
|
unsigned int options) {
|
2019-06-19 16:02:50 +02:00
|
|
|
dnssecsigndumparg_t arg;
|
|
|
|
|
|
2020-02-12 13:59:18 +01:00
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_dnssec);
|
2019-06-19 16:02:50 +02:00
|
|
|
|
|
|
|
|
arg.fn = dump_fn;
|
|
|
|
|
arg.arg = arg0;
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
|
2020-04-02 16:12:10 +02:00
|
|
|
dnssec_statsdump(stats->counters, operation, dnssec_dumpcb, &arg,
|
Redesign dnssec sign statistics
The first attempt to add DNSSEC sign statistics was naive: for each
zone we allocated 64K counters, twice. In reality each zone has at
most four keys, so the new approach only has room for four keys per
zone. If after a rollover more keys have signed the zone, existing
keys are rotated out.
The DNSSEC sign statistics has three counters per key, so twelve
counters per zone. First counter is actually a key id, so it is
clear what key contributed to the metrics. The second counter
tracks the number of generated signatures, and the third tracks
how many of those are refreshes.
This means that in the zone structure we no longer need two separate
references to DNSSEC sign metrics: both the resign and refresh stats
are kept in a single dns_stats structure.
Incrementing dnssecsignstats:
Whenever a dnssecsignstat is incremented, we look up the key id
to see if we already are counting metrics for this key. If so,
we update the corresponding operation counter (resign or
refresh).
If the key is new, store the value in a new counter and increment
corresponding counter.
If all slots are full, we rotate the keys and overwrite the last
slot with the new key.
Dumping dnssecsignstats:
Dumping dnssecsignstats is no longer a simple wrapper around
isc_stats_dump, but uses the same principle. The difference is that
rather than dumping the index (key tag) and counter, we have to look
up the corresponding counter.
2020-03-26 16:02:36 +01:00
|
|
|
options);
|
2019-06-19 16:02:50 +02:00
|
|
|
}
|
|
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
static void
|
2020-02-13 14:44:37 -08:00
|
|
|
opcode_dumpcb(isc_statscounter_t counter, uint64_t value, void *arg) {
|
2009-01-27 22:30:00 +00:00
|
|
|
opcodedumparg_t *opcodearg = arg;
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
opcodearg->fn((dns_opcode_t)counter, value, opcodearg->arg);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
2016-06-23 08:44:54 +10:00
|
|
|
static void
|
2020-02-13 14:44:37 -08:00
|
|
|
rcode_dumpcb(isc_statscounter_t counter, uint64_t value, void *arg) {
|
2016-06-23 08:44:54 +10:00
|
|
|
rcodedumparg_t *rcodearg = arg;
|
|
|
|
|
|
|
|
|
|
rcodearg->fn((dns_rcode_t)counter, value, rcodearg->arg);
|
|
|
|
|
}
|
|
|
|
|
|
2008-04-03 05:55:52 +00:00
|
|
|
void
|
|
|
|
|
dns_opcodestats_dump(dns_stats_t *stats, dns_opcodestats_dumper_t dump_fn,
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg0, unsigned int options) {
|
2009-01-27 22:30:00 +00:00
|
|
|
opcodedumparg_t arg;
|
2008-04-03 05:55:52 +00:00
|
|
|
|
|
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_opcode);
|
|
|
|
|
|
2009-01-27 22:30:00 +00:00
|
|
|
arg.fn = dump_fn;
|
|
|
|
|
arg.arg = arg0;
|
|
|
|
|
isc_stats_dump(stats->counters, opcode_dumpcb, &arg, options);
|
2008-04-03 05:55:52 +00:00
|
|
|
}
|
|
|
|
|
|
2016-06-23 08:44:54 +10:00
|
|
|
void
|
|
|
|
|
dns_rcodestats_dump(dns_stats_t *stats, dns_rcodestats_dumper_t dump_fn,
|
2020-02-13 14:44:37 -08:00
|
|
|
void *arg0, unsigned int options) {
|
2016-06-23 08:44:54 +10:00
|
|
|
rcodedumparg_t arg;
|
|
|
|
|
|
|
|
|
|
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_rcode);
|
|
|
|
|
|
|
|
|
|
arg.fn = dump_fn;
|
|
|
|
|
arg.arg = arg0;
|
|
|
|
|
isc_stats_dump(stats->counters, rcode_dumpcb, &arg, options);
|
|
|
|
|
}
|
|
|
|
|
|
2008-01-24 02:00:44 +00:00
|
|
|
/***
|
2008-04-03 05:55:52 +00:00
|
|
|
*** Obsolete variables and functions follow:
|
2008-01-24 02:00:44 +00:00
|
|
|
***/
|
2020-02-12 13:59:18 +01:00
|
|
|
LIBDNS_EXTERNAL_DATA const char *dns_statscounter_names[DNS_STATS_NCOUNTERS] = {
|
|
|
|
|
"success", "referral", "nxrrset", "nxdomain",
|
|
|
|
|
"recursion", "failure", "duplicate", "dropped"
|
|
|
|
|
};
|
2008-04-03 05:55:52 +00:00
|
|
|
|
2000-12-01 23:49:59 +00:00
|
|
|
isc_result_t
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_stats_alloccounters(isc_mem_t *mctx, uint64_t **ctrp) {
|
|
|
|
|
int i;
|
2020-02-12 13:59:18 +01:00
|
|
|
uint64_t *p = isc_mem_get(mctx, DNS_STATS_NCOUNTERS * sizeof(uint64_t));
|
2020-02-13 21:48:23 +01:00
|
|
|
if (p == NULL) {
|
2000-12-01 23:49:59 +00:00
|
|
|
return (ISC_R_NOMEMORY);
|
2020-02-13 21:48:23 +01:00
|
|
|
}
|
|
|
|
|
for (i = 0; i < DNS_STATS_NCOUNTERS; i++) {
|
2000-12-01 23:49:59 +00:00
|
|
|
p[i] = 0;
|
2020-02-13 21:48:23 +01:00
|
|
|
}
|
2000-12-01 23:49:59 +00:00
|
|
|
*ctrp = p;
|
|
|
|
|
return (ISC_R_SUCCESS);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2020-02-13 14:44:37 -08:00
|
|
|
dns_stats_freecounters(isc_mem_t *mctx, uint64_t **ctrp) {
|
2018-03-28 14:19:37 +02:00
|
|
|
isc_mem_put(mctx, *ctrp, DNS_STATS_NCOUNTERS * sizeof(uint64_t));
|
2000-12-01 23:49:59 +00:00
|
|
|
*ctrp = NULL;
|
|
|
|
|
}
|
