DNS&BIND——源码编译bind9和DNS的压力测试
2017-06-22 22:55
369 查看
源码编译bind9
why-Source installation-bind9安装rpm包那么方便,为什么要手动编译bind9呢,因为编译安装可以按照自己的需求拓展相应的模块,可以增加软件的灵活性哦~
how-Source installation-bind9
安装编译环境
编译源码通常都需要安装Devel包等~~~[root@server1 yum.repos.d]# yum groupinstall "Development Tools" "Server Platform Development"
创建系统用户和组
[root@server1 bind-9.9.5]# groupadd -r -g 53 named [root@server1 bind-9.9.5]# useradd -u 53 -g named named -r 注意: -r, --system create a system account
源码编译三部曲 [root@server1 bind-9.9.5]# ./configure --prefix=/usr/local/bind9 --sysconfdir=/etc/named/ --disable-ipv6 --disable-chroot --enable-threads [root@server1 bind-9.9.5]# make && make install
更改PATH环境变量,方便命令可在任何环境下执行
[root@server1 local]# vim /etc/profile.d/name.sh export PATH=/usr/local/bind9/bin:/usr/local/bind9/sbin:$PATH [root@server1 local]# . /etc/profile.d/name.sh [root@server1 local]# echo $PATH /usr/local/bind9/bin:/usr/local/bind9/sbin:/usr/local/bind9/bin:
通知系统重读库文件(因为bind库文件为静态,所以这步可以省略)
[root@server1 lib]# pwd /usr/local/bind9/lib [root@server1 lib]# ls libbind9.a libdns.a libisc.a libisccc.a libisccfg.a liblwres.a [root@server1 lib]# cat /etc/ld.so.conf.d/name.conf /usr/local/bind9/lib [root@server1 lib]# ldconfig -v
链接头文件所属路径
[root@server1 lib]# ln -sv /usr/local/bind9/include/ /usr/include/named `/usr/include/named' -> `/usr/local/bind9/include/'
导出man文件所属路径
[root@server1 lib]# vim /etc/man.config 48 MANPATH /usr/local/bind9/share/man
编写named.conf
[root@server1 named]# vim /etc/named/named.conf options { directory "/var/named"; }; zone "." IN{ type hint; #根域名解析 file "name.ca"; }; zone "localhost" IN { #localhost type master; file "localhost.zone"; allow-update {none;}; }; zone "0.0.127.in-addr.arpa" IN { #127.0.0.1的PTR type master; file "named.local"; allow-update {none; }; };
找一台能上外网的主机,寻找根域名服务器,编写named.ca
dig -t NS . @192.168.2.1 >/var/ftp/pub/docs/dns/named.ca
编写本地区域解析文件
[root@server1 named]# vim named.local $TTL 1d @ IN SOA localhost. admin.localhost. ( 2017062101 1h 5m 7d 1d) IN NS localhost. 1 IN PTR localhost. [root@server1 named]# vim localhost.zone $TTL 1d @ IN SOA localhost. admin.localhost. ( 2017062101 1h 5m 7d 1d) IN NS localhost. localhost. IN A 127.0.0.1
更改权限信息
[root@server1 named]# chmod 640 /var/named/ -R [root@server1 named]# chown named.named /var/named/ -R [root@server1 named]# ls localhost.zone name.ca named.local
启动 named
1.debug运行 将debug信息输出到控制台==,无报错就是成功 [root@server1 named]# named -u named -f -g -d 3 22-Jun-2017 09:55:41.701 starting BIND 9.9.5 -u named -f -g -d 3 ... ... 22-Jun-2017 09:55:41.793 zone_timer: zone D.F.IP6.ARPA/IN: enter 22-Jun-2017 09:55:41.793 zone_maintenance: zone D.F.IP6.ARPA/IN: enter 22-Jun-2017 09:55:41.793 zone_settimer: zone D.F.IP6.ARPA/IN: enter 2.后台运行 [root@server1 named]# named -u named
配置rndc.key
[root@server1 ~]# rndc-confgen -r /dev/urandom > /etc/named/rndc.conf # -r 指明随机数文件 # Start of rndc.conf key "rndc-key" { algorithm hmac-md5; secret "dRB7GnWbWpYfvmf2/52ahg=="; }; options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; }; # End of rndc.conf # Use with the following in named.conf, adjusting the allow list as needed: # key "rndc-key" { # algorithm hmac-md5; # secret "dRB7GnWbWpYfvmf2/52ahg=="; # }; # # controls { # inet 127.0.0.1 port 953 # allow { 127.0.0.1; } keys { "rndc-key"; }; # }; # End of named.conf根据提示信息,将rndc的key信息追加named.conf
``` vim /etc/named/named.conf ... # Use with the following in named.conf, adjusting the allow list as needed: key "rndc-key" { algorithm hmac-md5; secret "hVR73nDTM+opRcsa13kmdg=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
检验rndc是否成功启动
[root@server1 ~]# named -u named [root@server1 ~]# ss -antlpu |grep 53 udp UNCONN 0 0 172.25.88.1:53 *:* users:(("named",2635,513)) udp UNCONN 0 0 127.0.0.1:53 *:* users:(("named",2635,512)) udp UNCONN 0 0 172.25.88.1:53 *:* users:(("named",2629,513)) udp UNCONN 0 0 127.0.0.1:53 *:* users:(("named",2629,512)) tcp LISTEN 0 10 172.25.88.1:53 *:* users:(("named",2629,21)) tcp LISTEN 0 10 127.0.0.1:53 *:* users:(("named",2629,20)) tcp LISTEN 0 128 127.0.0.1:953 *:* users:(("named",2629,22)) [root@server1 ~]# rndc status version: 9.9.5 <id:f9b8a50e> CPUs found: 1 worker threads: 1 UDP listeners per interface: 1 number of zones: 100 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is OFF recursive clients: 0/0/1000 tcp clients: 0/100 server is up and running
压力测试
编译安装软件
[root@server1 queryperf]# ./configure [root@server queryperf]# make [root@server queryperf]# cp queryperf /usr/local/bin/ [root@server1 queryperf]# pwd /root/bind-9.9.5/contrib/queryperf
编写测试文件
[root@server queryperf]# vim test www.lalala.com A pop3.lalala.com A lmap4.lalala.com A web.lalala.com A lalala.com NS lalala.com MX www.lalala.com A ... ...开始测试^-^
[root@server1 queryperf]# queryperf -d test DNS Query Performance Testing Tool Version: $Id: queryperf.c,v 1.12 2007/09/05 07:36:04 marka Exp $ [Status] Processing input data [Status] Sending queries (beginning with 127.0.0.1) [Status] Testing complete Statistics: Parse input file: once Ended due to: reaching end of file Queries sent: 24684 queries Queries completed: 24684 queries Queries lost: 0 queries Queries delayed(?): 0 queries RTT max: 0.010893 sec RTT min: 0.000838 sec RTT average: 0.001360 sec RTT std deviation: 0.000279 sec RTT out of range: 0 queries Percentage completed: 100.00% Percentage lost: 0.00% Started at: Thu Jun 22 05:26:29 2017 Finished at: Thu Jun 22 05:26:31 2017 Ran for: 1.827324 seconds Queries per second: 13508.277678 qps #观测性能指标:QPS-QPS每秒查询率
注意: 开启rndc querylog,性能会极大的产生影响
[root@server queryperf]# rndc querylog [root@server queryperf]# rndc status version: 9.9.4-RedHat-9.9.4-14.el7 <id:8f9657aa> CPUs found: 1 worker threads: 1 UDP listeners per interface: 1 number of zones: 202 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is ON recursive clients: 0/0/1000 tcp clients: 0/100 server is up and running
[root@server queryperf]# queryperf -d test DNS Query Performance Testing Tool Version: $Id: queryperf.c,v 1.12 2007/09/05 07:36:04 marka Exp $ [Status] Processing input data [Status] Sending queries (beginning with 127.0.0.1) [Status] Testing complete Statistics: Parse input file: once Ended due to: reaching end of file Queries sent: 24684 queries Queries completed: 24684 queries Queries lost: 0 queries Queries delayed(?): 0 queries RTT max: 0.022877 sec RTT min: 0.000623 sec RTT average: 0.004682 sec RTT std deviation: 0.002453 sec RTT out of range: 0 queries Percentage completed: 100.00% Percentage lost: 0.00% Started at: Thu Jun 22 05:32:47 2017 Finished at: Thu Jun 22 05:32:53 2017 Ran for: 5.896463 seconds Queries per second: 4186.238428 qps可以看到打开querylog(查询日志),性能只有原来的3/1,所以一般情况下querylog为关闭状态
相关文章推荐
- DNS BIND 压力测试 - queryperf
- 如何手动编译bind,如何使用view实现智能DNS解析,以及如何对DNS服务器进行压力测试。
- 总结之:CentOS6.5 DNS服务BIND配置、正反向解析、主从及压力测试(2) 推荐
- bind的编译安装以及压力测试工具queryperf的使用
- bind9源码编译主、辅DNS
- bind编译安装及压力测试
- 总结之:CentOS6.5 DNS服务BIND配置、正反向解析、主从及压力测试(4)
- 总结之:CentOS6.5 DNS服务BIND配置、正反向解析、主从及压力测试(1)
- 总结之:CentOS6.5 DNS服务BIND配置、正反向解析、主从及压力测试(3) 推荐
- DNS域名服务 BIND (上)——BIND相关软件包 DNS测试
- 强大的TcpServer压力测试工具源码(附突破连接限制的方法和工具)
- CENTOS 5.5 64位 编译安装 webbench 1.5网站压力测试工具
- 强大的TcpServer压力测试工具源码(附突破连接限制的方法和工具)
- Android 模拟器(源码编译)测试内核驱动
- ACL、dns日志、queryperf压力测试、dnstop性能测试
- DNS服务部署的那点事儿之DNS压力测试
- 总结之:CentOS 6.4源码编译安装httpd并启动测试 推荐
- java 数据库压力测试 源码
- 强大的TcpServer压力测试工具源码(附突破连接限制的方法和工具)
- webbench网络压力测试源码