Manual Chapter :
Setting Up and Viewing DNS Statistics
Applies To:
Show VersionsBIG-IP LTM
- 14.0.1, 14.0.0
BIG-IP DNS
- 14.0.1, 14.0.0
Setting Up and Viewing DNS Statistics
Overview: Setting up and viewing DNS statistics
You can view DNS AVR and DNS global statistics on the BIG-IP® system to
help you manage and report on the DNS traffic on your network.
- DNS AVR Statistics
- You must configure an AVR sampling rate on a DNS profile and assign it to a listener or virtual server before the BIG-IP system can gather DNS AVR statistics. An AVR Analytics profile is not required for the BIG-IP system to gather and display DNS AVR statistics. The DNS AVR statistics include DNS queries per:
- Application
- Virtual server
- Query name
- Query type
- Client IP address
- (You can also filter the statistics by time period.)
- DNS Global Statistics
- The BIG-IP system automatically collects DNS global statistics about the DNS traffic the system processes. The DNS global statistics include:
- Total DNS queries and responses
- Details about DNS queries and responses
- Details about DNS Services rate-limited license
- The number of wide IP requests
- Details about BIG-IP DNS rate-limited license
- The number of DNS Express™ requests and NOTIFY announcements and messages
- The number of DNS cache requests
- The number of DNS IPv6 to IPv4 requests, rewrites, and failures
- The number of unhandled query actions per specific actions
Creating a DNS profile for AVR statistics collection
Ensure that Application Visibility and Reporting (AVR) is provisioned.
Configure the BIG-IP system to collect AVR statistics on a
sampling of the DNS traffic that the BIG-IP system handles.
- On the Main tab, clickor .The DNS profile list screen opens.
- ClickCreate.The New DNS Profile screen opens.
- In theNamefield, type a unique name for the profile.
- Select theCustomcheck box.
- In the Logging and Reporting area, select theAVR Statistics Sample Ratecheck box.TheEnabled 1/ 1 queries sampledfield displays.
- In theEnabled 1/ 1 queries samplefield, change the1to the number of queries from which the system takes one sample.0No DNS requests are stored in the Analytics database.1All DNS requests are stored in the Analytics database.n>1Every nth DNS request is stored in the Analytics database.
- ClickFinished.
Assign the DNS profile to a listener or virtual server.
Configuring a
BIG-IP DNS listener for DNS AVR statistics collection
Ensure that at least one custom DNS profile configured with an AVR sampling rate exists
on the BIG-IP system.
Assign a custom DNS profile to a listener when you
want the BIG-IP system to collect AVR statistics on a sampling of the DNS traffic the
listener handles.
This task applies only to DNS-provisioned systems.
- On the Main tab, click.The Listeners List screen opens.
- Click the name of the listener you want to modify.
- In the Service area, from theDNS Profilelist, select a custom DNS profile configured with an AVR sampling rate.
- ClickUpdate.
Viewing DNS AVR statistics
Ensure that Application Visibility and Reporting (AVR) is provisioned. Ensure that
the BIG-IP system is configured to collect DNS statistics on a
sampling of the DNS traffic that the BIG-IP system handles.
View DNS AVR statistics to help you manage the DNS traffic on your network.
- On the Main tab, click.The DNS Analytics screen opens.
- From theView Bylist, select the specific network object type for which you want to display statistics.You can also clickExpand Advanced Filtersto filter the information that displays.
- From theTime Periodlist, select the amount of time for which you want to view statistics.To display reports for a specific time period, selectCustomand specify beginning and end dates.
- ClickExportto create a report of this information.The timestamp on the report reflects a publishing interval of five minutes; therefore, a time period request of 12:40-13:40 actually displays data between 12:35-13:35. By default, the BIG-IP system displays one hour of data.
Viewing DNS AVR statistics in tmsh
Ensure that Application Visibility and Reporting (AVR) is provisioned. Ensure that
the BIG-IP system is configured to collect DNS statistics on a
sampling of the DNS traffic that the BIG-IP system handles.
View DNS analytics statistics to help you manage the DNS traffic on your network.
- Log on to the command-line interface of the BIG-IP system.
- At the BASH prompt, typetmsh.
- At thetmshprompt, type one of these commands and then press Enter.show analytics dns report view-by query-name limit 3Displays the three most common query names.show analytics dns report view-by query-type limit 3Displays the three most common query types.show analytics dns report view-by client-ip limit 3Displays the three client IP addresses from which the most DNS queries originate.show analytics dns report view-by query-name drilldown { { entity query-type values {A}}} limit 3Displays the three most common query names for query type A records.show analytics dns report view-by query-type drilldown { { entity query-name values {www.f5.com}}} limit 3Displays the three most common query types for query namewww.f5.com.show analytics dns report view-by client-ip drilldown { { entity query-type values {A}}} limit 3Displays the three most common client IP addresses requesting query type A records.
Viewing DNS global statistics
Ensure that at least one DNS profile exists on the BIG-IP
system and that this profile is assigned to an LTM virtual server
or a DNS listener that is configured to use the TCP protocol.
If you want to view AXFR and IXFR statistics, the listener or virtual
server must be configured to use the TCP protocol. This is because zone transfers
occur over the TCP protocol.
View DNS global statistics to determine how to fine-tune your network configuration
or troubleshoot DNS traffic processing problems.
- On the Main tab, click.The DNS Delivery statistics screen opens.
- From theStatistics Typelist, selectProfiles.
- In the Global Profile Statistics area, in the Details column of the DNS profile, clickView.
Viewing DNS statistics for a specific virtual server
Ensure that at least one virtual server associated with a DNS profile exists on the
BIG-IP system.
If you want to view AXFR and
IXFR statistics, the virtual server must be configured to use the TCP protocol. This
is because zone transfers occur over the TCP protocol.
You can view DNS statistics per virtual server when you want to analyze how the
BIG-IP system is handling specific DNS traffic.
- On the Main tab, click.The Local Traffic statistics screen opens.
- From theStatistics Typelist, selectVirtual Servers.
- In the Details column for the virtual server, clickView.
Implementation result
You now have an implementation in which the BIG-IP® system gathers
both DNS AVR and DNS global statistics. You can view these statistics to help you
understand DNS traffic patterns and manage the flow of your DNS traffic, especially when
your network is under a DDoS attack.