domain statistics collector tutorial
play

Domain Statistics Collector Tutorial Duane Wessels DNS-OARC - PowerPoint PPT Presentation

Nov 01, 2023 •251 likes •583 views

Domain Statistics Collector Tutorial Duane Wessels DNS-OARC Advanced ccTLD Workshop September 16, 2008 ams-cctld-advanced 0 DNS-OARC What is DSC? A system for collecting, transferring, viewing, and storing a variety of measurements

  1. Domain Statistics Collector Tutorial Duane Wessels DNS-OARC Advanced ccTLD Workshop September 16, 2008 ams-cctld-advanced 0 DNS-OARC

  2. What is DSC? ◦ A system for collecting, transferring, viewing, and storing a variety of measurements taken from DNS servers. ◦ Open source (BSD license) software that runs on BSD, Linux, and Solaris. ◦ Used by Root, TLD operators (and others) to visualize DNS traffic characteristics and share data. ◦ http://dns.measurement-factory.com/tools/dsc/ ams-cctld-advanced 1 DNS-OARC

  3. Architecture

  4. DSC Architecture Servers F−root E−root SFO2 PAO1 Nodes falken DXB1 norad MAD1 palace etc crystal Browser Presenter ams-cctld-advanced 3 DNS-OARC

  5. Collector ◦ A DSC Collector process runs on (or near) a DNS server node. ◦ Uses libpcap, just like tcpdump. ◦ Works with Ethernet taps or port mirroring if you don’t want to run it on the server itself. ◦ Can be configured to collect a number of different Datasets . ◦ Writes XML files to disk every 60 seconds for transfer to the Presenter. ams-cctld-advanced 4 DNS-OARC

  6. Data Transfer ◦ A cron job runs every minute to transfer XML files from Collector to Presenter. ◦ Can send to multiple Presenters. ◦ Usually data is pushed rather than pulled . ◦ Scripts are provided to use rsync/SSH. ◦ Can also use HTTPS and client-side X.509 certificates. ams-cctld-advanced 5 DNS-OARC

  7. Presenter ◦ A cron job processes incoming XML files (and stores the data in a format that is faster to read). ◦ Apache and a CGI script are used to view the data. ◦ CGI and XML processing can be on different machines if you use NFS. ams-cctld-advanced 6 DNS-OARC

  8. Storage ◦ XML files are removed by cron job (for example, after 3 days) ◦ Other data files remain permanently. ◦ Data files are stored in SERVER/NODE/YYYYMMDD/*.dat ◦ Estimate about 500–800 MB to store 1 year of data. ams-cctld-advanced 7 DNS-OARC

  9. Indexers and Datasets

  10. How DSC Stores Data ◦ Data is stored in 1- or 2-dimensional arrays of counters. ◦ The arrays count the number of times that the collector sees packets with certain values, parameters, or characteristics. ◦ Each array is called a Dataset. ◦ Here is a simple dataset: Qtype 1 2 5 12 15 28 38 Count 201 5 9 89 117 52 33 ◦ Note that while (in this example) we could use Qtype as the array index, that doesn’t work in general because we also want to count non-numeric things like domain names and IP addresses. ◦ Thats where Indexers come in... ams-cctld-advanced 9 DNS-OARC

  11. Indexers ◦ An Indexer turns some value in a DNS message into an array index. ◦ Sort of like the way associative arrays work in perl/awk/php/etc. ◦ Some indexers are small ⊲ For example, the single-bit Recursion Desired flag ◦ Some indexers are large ⊲ For example, the query name or client IP address Value Index www.isoc.org 0 www.icann.org 1 www.google.com 2 www.microsoft.com 3 www.yahoo.com 4 ... ...

  12. ◦ If you want to add a new Indexer, you have to write some C code. ams-cctld-advanced 10 DNS-OARC

  13. Datasets ◦ A dataset is an 1D or 2D array of counters. ◦ Defined by one or two indexers, and given a name. ◦ Some filters and other options can be applied to Datasets. ◦ In most cases there is a one-to-one mapping between a Dataset and a graph on the Presenter. Sometimes there is more than one way to display the data. ◦ Datasets are written to disk every 60 seconds as an XML file. ◦ If you want to add a new Dataset, add a line to the config- uraiton file. ams-cctld-advanced 12 DNS-OARC

  14. Dataset Examples dataset qtype dns All:null Qtype:qtype queries-only; dataset rcode_vs_replylen dns Rcode:rcode ReplyLen:msglen replies-only; dataset client_subnet2 dns Class:query_classification ClientSubnet:cip4_net quer ies-only max-cells=200; ams-cctld-advanced 13 DNS-OARC

  15. Data Transfer

  16. Getting XML from Collector to Presenter ◦ DSC doesn’t really care how the XML files get from the Collector to the Presenter. ◦ Designed for store-and-forward so that data will be queued on the collectors if presenter is unreachable. ◦ Some scripts are provided that use rsync and X509. ◦ Also a script to send data to DNS-OARC (using SSH without rsync). ◦ You could write your own, use NFS, etc. ams-cctld-advanced 15 DNS-OARC

  17. rsync/SSH ◦ Probably the best balance between security and simplicity. ◦ Create a separate SSH key for each NODE. ◦ Place the NODE’s keys in the presenter authorized keys file. ams-cctld-advanced 16 DNS-OARC

  18. X509 ◦ Perhaps more secure than SSH, but a hassle to maintain. ◦ Create X509 keys/certificates for each NODE ◦ Upload through Apache with custom CGI script. ams-cctld-advanced 17 DNS-OARC

  19. Demo

  20. Installation

  21. Installing Collector ◦ Download DSC software from workshop FTP server $ cd $ fetch ftp://193.0.24.110/pub/dsc-200808221554.tar.gz $ fetch ftp://ftp.bert/pub/dsc-200808221554.tar.gz $ tar xzf dsc-200808221554.tar.gz $ cd dsc-200808221554 $ cd collector $ make ◦ Oops, we need a Perl module... $ (cd /usr/ports/devel/p5-Proc-PID-File ; sudo make all install) $ make $ sudo make install ams-cctld-advanced 20 DNS-OARC

  22. Configuring Collector $ cd /usr/local/dsc/etc $ cp dsc.conf.sample dsc.conf $ vi dsc.conf ◦ Can leave most of the defaults as they are. ◦ Today, pay special attention to: run_dir /usr/local/dsc/run/ns1; local_address 193.0.__.__; interface em0; ◦ Create the run dir $ sudo mkdir -p /usr/local/dsc/run/ns1 ams-cctld-advanced 21 DNS-OARC

  23. dsc Test Run $ cd /usr/local/dsc $ sudo bin/dsc -f -d etc/dsc.conf $ ls -l run $ less run/*.xml ams-cctld-advanced 22 DNS-OARC

  24. Running dsc normally ◦ DSC source distribution includes a BSD-style rc script, but you have to install it manually. $ cd dsc-200808221554 $ sudo install -m 755 collector/dsc/dsc.sh \ /usr/local/etc/rc.d/dsc $ sudo /usr/local/etc/rc.d/dsc start ams-cctld-advanced 23 DNS-OARC

  25. Collector Cron Jobs ◦ upload-prep.pl moves files from dsc run dir to one or more upload directories. * * * * * /usr/local/dsc/libexec/upload-prep.pl ◦ upload-rsync.sh (or similar) copies XML files from the upload directory to the presenter system. * * * * * /usr/local/dsc/libexec/upload-rsync.sh ns1 \ noc dsc-pc1@193.0.24.110:/usr/local/dsc/data/pc1/ns1 ◦ But don’t save the crontab file yet...! ams-cctld-advanced 24 DNS-OARC

  26. How does upload-prep.pl work? ◦ upload-prep.pl moves files from dsc run dir to one or more upload directories. ◦ You must create these upload directories $ cd /usr/local/dsc/run/ns1 $ sudo mkdir upload $ sudo mkdir upload/noc $ sudo mkdir upload/presenter2 # you could have more than one ◦ XML files will stay in these upload directories until they are uploaded and removed. ◦ Can run out of disk space if not careful. ams-cctld-advanced 25 DNS-OARC

  27. How does upload-rsync.sh work? ◦ Takes three arguments: NODENAME UPDIR DESTINA- TION ◦ NODENAME is the name of this collector node and must be unique. ⊲ example: ns1 ◦ UPDIR is the name of the upload directory ⊲ example: noc ◦ DESTINATION is an rsync-style destination ⊲ example: dsc-pc1@193.0.24.110:/usr/local/dsc/data ◦ Looks for a SSH key at $HOME/.ssh/dsc uploader id ⊲ ssh-keygen -d -f $HOME/.ssh/dsc_uploader_id ◦ Send your SSH public key to the presenter when its ready and test that it works. ams-cctld-advanced 26 DNS-OARC

  28. Back to crontab ◦ Save the new cron jobs ◦ Wait 60 seconds or less ◦ Check your mailbox for cron job errors ams-cctld-advanced 27 DNS-OARC

  29. Installing Presenter

  30. Dependencies $ (cd /usr/ports/*/p5-CGI-Untaint; sudo make all install) $ (cd /usr/ports/*/p5-File-Flock; sudo make all install) $ (cd /usr/ports/*/p5-File-NFSLock; sudo make all install) $ (cd /usr/ports/*/p5-Hash-Merge; sudo make all install) $ (cd /usr/ports/*/p5-IP-Country; sudo make all install) $ (cd /usr/ports/*/p5-Math-Calc-Units; sudo make all install) $ (cd /usr/ports/*/p5-Net-DNS; sudo make all install) $ (cd /usr/ports/*/p5-Text-Template; sudo make all install) $ (cd /usr/ports/*/p5-Proc-PID-File ; sudo make all install) $ (cd /usr/ports/www/apache22; sudo make all install) $ (cd /usr/ports/math/ploticus; sudo make all install) ams-cctld-advanced 29 DNS-OARC

  31. Install $ cd dsc-200808221554/presenter $ cd perllib $ perl Makefile.PL $ make && sudo make install $ cd .. $ make && sudo make install ams-cctld-advanced 30 DNS-OARC

  32. Cron Jobs */5 * * * * exec /usr/local/dsc/libexec/refile-and-grok.sh @midnight find /usr/local/dsc/data/*/*/done \ | /usr/local/dsc/libexec/remove-xmls.pl 3 17 * * * * cd /usr/local/dsc/cache; /bin/ls -t \ | /usr/bin/tail +500 \ | /usr/bin/xargs /bin/rm ◦ refile-and-grok.sh processes the incoming XML files ◦ remove-xmls.pl ... removes old XML files ◦ Lastly, a job to keep the image cache to a finite size. ams-cctld-advanced 31 DNS-OARC

  33. The Grapher ◦ Copy or symlink the dsc-grapher.pl to Apache’s cgi-bin di- rectory ◦ Might need AddHandler cgi-script .pl Options ExecCGI Includes FollowSymlinks ◦ $ cd htdocs $ sudo ln -s /usr/local/dsc/share/html dsc ◦ dsc-grapher.cfg $ cd /usr/local/dsc/etc $ cp dsc-grapher.cfg.sample dsc-grapher.cfg $ vi dsc-grapher.cfg server TLD ns1 ns2 ... ams-cctld-advanced 32 DNS-OARC

Recommend

START CODING A half-day tutorial on developing domain-driven apps with Apache Isis DOMAIN

START CODING A half-day tutorial on developing domain-driven apps with Apache Isis DOMAIN

STOP SCAFFOLDING START CODING A half-day tutorial on developing domain-driven apps with Apache Isis DOMAIN DRIVEN DESIGN Ubiquitous Language With a conscious effort by the team, the domain model can provide the backbone for that

108 views • 7 slides
DNS (Domain Name System) Tutorial @ IETF-70 (DNS for protocol designers) lafur Gumundsson

DNS (Domain Name System) Tutorial @ IETF-70 (DNS for protocol designers) lafur Gumundsson

DNS (Domain Name System) Tutorial @ IETF-70 (DNS for protocol designers) lafur Gumundsson OGUD consulting Peter Koch DENIC eG 2007-12-02 DNS Tutorial @ IETF-70 1 ogud@ogud.com & pk@denic.de Tutorial Overview Goal: Give

736 views • 54 slides
CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001

CS 557 Inter-Domain Routing Introduction to BGP Routing Tutorial slides from Tim Griffin, 2001 Spring 2013 Inter-domain Routing 2153 11537 1706 52 FRGP Level 3 ARIZONA ColoState Autonomous Systems (AS) Border Gateway Protocol

566 views • 30 slides
A tutorial in spatial statistics for microscopy data analysis Ed Cohen Department of Mathematics,

A tutorial in spatial statistics for microscopy data analysis Ed Cohen Department of Mathematics,

A tutorial in spatial statistics for microscopy data analysis Ed Cohen Department of Mathematics, Imperial College London wwwf.imperial.ac.uk/ eakc07 QBI 2019 Spatial Statistics Spatial Statistics: Statistical theory and methodology for

590 views • 30 slides
A Semi Preemptive Garbage A Semi Preemptive Garbage Collector for Solid State Collector

A Semi Preemptive Garbage A Semi Preemptive Garbage Collector for Solid State Collector

A Semi Preemptive Garbage A Semi Preemptive Garbage Collector for Solid State Collector for Solid State Collector for Solid State Collector for Solid State Drives Drives Junghee Lee, Youngjae Kim, Galen M. Shipman, Sarp Oral, Feiyi Wang,

540 views • 26 slides
Domain Adaptation and Zero-Shot Learning Llus Castrejn CSC2523 Tutorial What is this? Game:

Domain Adaptation and Zero-Shot Learning Llus Castrejn CSC2523 Tutorial What is this? Game:

Domain Adaptation and Zero-Shot Learning Llus Castrejn CSC2523 Tutorial What is this? Game: Caption the following images using one short sentence. 2 / 46 What is this? 3 / 46 What is this? 4 / 46 What is this? 5 / 46 Current computer

1.03k views • 46 slides
San Mateo County San Mateo County Treasurer- -Tax Collector Tax Collector Treasurer Lee

San Mateo County San Mateo County Treasurer- -Tax Collector Tax Collector Treasurer Lee

San Mateo County San Mateo County Treasurer- -Tax Collector Tax Collector Treasurer Lee Buffington June 21, Lee Buffington June 21, 2010 2010 Mission Statement The Treasurer-Tax Collector manages and protects the Countys financial

526 views • 13 slides
Probability and Statistics Tutorial 3: week 4 Problem 6A () >

Probability and Statistics Tutorial 3: week 4 Problem 6A () >

Probability and Statistics Tutorial 3: week 4 Problem 6A () > 1 0.2 ANSWER: Use the cumulative distribution for 1 : () 2 ~

490 views • 13 slides
Scaling Domain Driven Design Greg Young IMIS Presentation Is Is Not Discussion of DDD A

Scaling Domain Driven Design Greg Young IMIS Presentation Is Is Not Discussion of DDD A

Scaling Domain Driven Design Greg Young IMIS Presentation Is Is Not Discussion of DDD A DDD Tutorial being used in a large A Scalability Tutorial scale system Discussion of concepts that can be applied to other domains to

661 views • 27 slides
ESTABLISHING GOALS & PERFORMANCE MEASURES Jordan Kaufman, Kern County Treasurer-Tax Collector

ESTABLISHING GOALS & PERFORMANCE MEASURES Jordan Kaufman, Kern County Treasurer-Tax Collector

ESTABLISHING GOALS & PERFORMANCE MEASURES Jordan Kaufman, Kern County Treasurer-Tax Collector Shari Freidenrich, Orange County Treasurer-Tax Collector Harry Hagen, Santa Barbara County Treasurer-Tax Collector The Purpose Make the CAO

775 views • 74 slides
and recommend to those in the official statistics domain? Ja Javier vier Car arranza, ranza,

and recommend to those in the official statistics domain? Ja Javier vier Car arranza, ranza,

C2G data partnerships: What can we learn from and recommend to those in the official statistics domain? Ja Javier vier Car arranza, ranza, Fund ndaci acin n Geoce ocensos, nsos, Septiembre ptiembre 2018 18 ja javier vier.ca

253 views • 22 slides
Outline About this Tutorial An Introduction to the R Environment Basics of R Objects and

Outline About this Tutorial An Introduction to the R Environment Basics of R Objects and

About this Tutorial Basics of R Statistics with R Modelling Graphics About this Tutorial Basics of R Statistics with R Modelling Graphics Outline About this Tutorial An Introduction to the R Environment Basics of R Objects and

460 views • 17 slides
Introduction to Planning Domain Modeling in RDDL Scott Sanner Observation Planning

Introduction to Planning Domain Modeling in RDDL Scott Sanner Observation Planning

ICAPS 2018 Tutorial Introduction to Planning Domain Modeling in RDDL Scott Sanner Observation Planning languages direct 5+ years of research PDDL and variants PPDDL Why? Domain design is time-consuming So everyone

1.14k views • 55 slides
TUTORIAL HANDOUT GENOVA JUNE 11 INFORMATION GEOMETRY AND ALGEBRAIC STATISTICS ON A FINITE STATE

TUTORIAL HANDOUT GENOVA JUNE 11 INFORMATION GEOMETRY AND ALGEBRAIC STATISTICS ON A FINITE STATE

TUTORIAL HANDOUT GENOVA JUNE 11 INFORMATION GEOMETRY AND ALGEBRAIC STATISTICS ON A FINITE STATE SPACE AND ON GAUSSIAN MODELS LUIGI MALAG` O AND GIOVANNI PISTONE Contents 1. Introduction 2 1.1. C. R. Rao 2 1.2. S.-H. Amari 2 2. Finite

618 views • 26 slides
Internationalized Domain Names Tutorial ICANN Meeting So Paulo, Brazil 3 December 2006 Tina

Internationalized Domain Names Tutorial ICANN Meeting So Paulo, Brazil 3 December 2006 Tina

Internationalized Domain Names Tutorial ICANN Meeting So Paulo, Brazil 3 December 2006 Tina Dam IDN Program Director ICANN Email: tina.dam@icann.org Remote Participation Jabber room is open: IDNQUESTIONS@jabber.icann.org

380 views • 35 slides
Solar Controller Training Presentation AAV solar heated 1 hot water SOLAR COLLECTOR 3

Solar Controller Training Presentation AAV solar heated 1 hot water SOLAR COLLECTOR 3

Solar Controller Training Presentation AAV solar heated 1 hot water SOLAR COLLECTOR 3 Press Gauge 2 1. Solar Collector or panel SRV Temp Gauges 2. Cylinder or store. Fill1 Vessel connection 3. Pump Station Air Scoop

379 views • 19 slides
On the Biased Partial Word Collector Problem Philippe Duchon and Cyril Nicaud LIGM Universit e

On the Biased Partial Word Collector Problem Philippe Duchon and Cyril Nicaud LIGM Universit e

On the Biased Partial Word Collector Problem Philippe Duchon and Cyril Nicaud LIGM Universit e Paris-Est & CNRS February 8, 2018 1 / 16 Coupon collector The classical coupon collector problem is the following: There are n different

516 views • 16 slides
TOY FAIR 2010 CELEBRATION 2010 COLLECTOR EVENT COLLECTOR EVENT PRESENTATION PRESENTATION o

TOY FAIR 2010 CELEBRATION 2010 COLLECTOR EVENT COLLECTOR EVENT PRESENTATION PRESENTATION o

TOY FAIR 2010 CELEBRATION 2010 COLLECTOR EVENT COLLECTOR EVENT PRESENTATION PRESENTATION o THANKS TO THE FANS! o Vintage is here! Along with a big new line look o 2010 will be more focused but it will be a CELEBRATION! o Great new

1.12k views • 70 slides
Bipolar Junction Transistors Emitter p n p Collector Emitter n p n Collector Base Base

Bipolar Junction Transistors Emitter p n p Collector Emitter n p n Collector Base Base

Bipolar Junction Transistors Emitter p n p Collector Emitter n p n Collector Base Base pnp transistor npn transistor M. B. Patil, IIT Bombay Bipolar Junction Transistors Emitter p n p Collector Emitter n p n Collector Base

1.25k views • 94 slides
RCGC is naturally incremental, how about making it concurrent Review Incremental mark-sweep

RCGC is naturally incremental, how about making it concurrent Review Incremental mark-sweep

RCGC is naturally incremental, how about making it concurrent Review Incremental mark-sweep Steeles multiprocessing, compactifying collector Dijkstras on -the-fly collector Kung and Song improved four-color collector

491 views • 15 slides
CS 574: Randomized Algorithms Lecture 5. Coupon Collector Problems September 8, 2015 Lecture 5.

CS 574: Randomized Algorithms Lecture 5. Coupon Collector Problems September 8, 2015 Lecture 5.

CS 574: Randomized Algorithms Lecture 5. Coupon Collector Problems September 8, 2015 Lecture 5. Coupon Collector Problems CS 574: Randomized Algorithms Coupon Collector n types of coupons in cereal boxes,each time you purchase a cereal box,

455 views • 23 slides
A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling

A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling

A GAMS TUTORIAL A GAMS TUTORIAL A GAMS TUTORIAL WHAT IS GAMS ? General Algebraic Modeling System Modeling linear, nonlinear and mixed integer optimization problems Useful with large, complex problems A GAMS TUTORIAL A GAMS TUTORIAL

274 views • 24 slides
Lecture Three: Time Series Analysis If your experiment needs statistics, you ought to have

Lecture Three: Time Series Analysis If your experiment needs statistics, you ought to have

Lecture Three: Time Series Analysis If your experiment needs statistics, you ought to have done a better experiment. Ernest Rutherford Time domain data (a day at a time) Time domain data (a day at a time) Sampling, noise, and baseline

550 views • 27 slides
CS 294-34: Practical Machine Learning Tutorial Ariel Kleiner Content inspired by Fall 2006

CS 294-34: Practical Machine Learning Tutorial Ariel Kleiner Content inspired by Fall 2006

CS 294-34: Practical Machine Learning Tutorial Ariel Kleiner Content inspired by Fall 2006 tutorial lecture by Alexandre Bouchard-Cote and Alex Simma August 27, 2009 Machine Learning Draws Heavily On. . . Probability and Statistics

1.21k views • 34 slides

More recommend