DNS v2
The objective of the DNSv2 effort is to provide a number of significant enhancements to the DNS metrics currently provided by the pktvisor DNS handler, without the constraint of requiring reverse compatibility. That said, the changes should be made to be compatible as much as possible but important or significant enhancements should not be precluded because of this.
The following enhancements should be considered candidates for DNSv2:
- Normalize units of measure across similar metrics (packets versus queries versus responses versus transactions)
- Consistency of interpretation of metrics when filters are applied
- Provide explicit inbound versus outbound DNS query metrics
- Extend support of DNS transaction metrics when filters are applied (such as RCODEs)
- Support for new filters, such as
- ANSWER payload content of responses
- Support for Prometheus/OpenMetrics style histograms
- All metrics should be based on transactions
Transaction data that needs to be cached from the query:
- QNAME
- ECS
- UDP/TCP
- Source IPv4/v6
- Destination IPv4/v6
Metric naming structure:
| Metric Name | Type | Unit of Measure | Metric Groups |
|---|---|---|---|
dns_observed_packets |
gauge | packets | Counters |
dns_filtered_packets |
gauge | packets | Counters |
dns_deep_sampled_packets |
gauge | packets | Counters |
dns_<dir>_xact |
gauge | transactions | Counters |
dns_<dir>_ipv4_xact |
gauge | transactions | Counters |
dns_<dir>_ipv6_xact |
gauge | transactions | Counters |
dns_<dir>_tcp_xact |
gauge | transactions | Counters |
dns_<dir>_udp_xact |
gauge | transactions | Counters |
dns_<dir>_dnssec_xact |
gauge | transactions | Counters |
dns_<dir>_noerror_xact |
gauge | transactions | Counters |
dns_<dir>_nxdomain_xact |
gauge | transactions | Counters |
dns_<dir>_srvfail_xact |
gauge | transactions | Counters |
dns_<dir>_refused_xact |
gauge | transactions | Counters |
dns_<dir>_nodata_xact |
gauge | transactions | Counters |
dns_<dir>_cardinality_qname |
gauge | number | Cardinality |
dns_<dir>_xact_rate |
quantiles | transactions/sec | Quantiles |
dns_<dir>_xact_time_us |
quantiles | microseconds | Quantiles |
dns_<dir>_top_noerror_xact |
top | transactions | TopQnames |
dns_<dir>_top_nxdomain_xact |
top | transactions | TopQnames |
dns_<dir>_top_srvfail_xact |
top | transactions | TopQnames |
dns_<dir>_top_refused_xact |
top | transactions | TopQnames |
dns_<dir>_top_nodata_xact |
top | transactions | TopQnames |
dns_<dir>_top_qname2_xact |
top | transactions | TopQnames |
dns_<dir>_top_qname3_xact |
top | transactions | TopQnames |
dns_<dir>_top_geo_xact |
top | transactions | TopQnames |
dns_<dir>_top_asn_xact |
top | transactions | TopQnames |
dns_<dir>_top_qtype_xact |
top | transactions | TopQnames |
dns_<dir>_top_slow_xact |
top | transactions | TopQnames |
dns_<dir>_top_udp_port_xact |
top | transactions | TopPorts |
dns_<dir>_timeout_queries |
gauge | queries | Counters |
dns_<dir>_timeout_udp_queries |
gauge | queries | TimeoutDetails |
dns_<dir>_timeout_tcp_queries |
gauge | queries | TimeoutDetails |
dns_<dir>_timeout_ipv4_queries |
gauge | queries | TimeoutDetails |
dns_<dir>_timeout_ipv6_queries |
gauge | queries | TimeoutDetails |
dns_<dir>_timeout_top_qname_queries |
top | queries | TimeoutDetails |
dns_<dir>_timeout_top_asn_queries |
top | queries | TimeoutDetails |
dns_<dir>_timeout_top_geo_queries |
top | queries | TimeoutDetails |
dns_<dir>_timeout_top_src_ipv4_queries |
top | queries | TimeoutDetails |
dns_<dir>_timeout_top_src_ipv6_queries |
top | queries | TimeoutDetails |
dns_<dir>_timeout_top_dst_ipv4_queries |
top | queries | TimeoutDetails |
dns_<dir>_timeout_top_dst_ipv6_queries |
top | queries | TimeoutDetails |
